Ensure noexec option set on /var/tmp partition
Details The noexec mount option specifies that the filesystem cannot contain executable binaries. Rationale: Since the /var/tmp filesystem is only...
- Home
- Security Hardening
- CIS Aliyun Linux 2 L1 V1.0.0
CIS Aliyun Linux 2 L1 V1.0.0
Ensure nosuid option set on /dev/shm partition
Details The nosuid mount option specifies that the filesystem cannot contain setuid files. Rationale: Setting this option on a file...Ensure nosuid option set on /tmp partition
Details The nosuid mount option specifies that the filesystem cannot contain setuid files. Rationale: Since the /tmp filesystem is only...Ensure nosuid option set on /var/tmp partition
Details The nosuid mount option specifies that the filesystem cannot contain setuid files. Rationale: Since the /var/tmp filesystem is only...Ensure ntp is configured – NTP server/pool
Details ntp is a daemon which implements the Network Time Protocol (NTP). It is designed to synchronize system clocks across...Ensure ntp is configured – restrict -4
Details ntp is a daemon which implements the Network Time Protocol (NTP). It is designed to synchronize system clocks across...Ensure ntp is configured – restrict -6
Details ntp is a daemon which implements the Network Time Protocol (NTP). It is designed to synchronize system clocks across...Ensure ntp is configured – -u ntp:ntp
Details ntp is a daemon which implements the Network Time Protocol (NTP). It is designed to synchronize system clocks across...Ensure package manager repositories are configured
Details Systems need to have package manager repositories configured to ensure they receive the latest patches and updates. Rationale: If...Ensure permissions on bootloader config are configured
Details The grub configuration file contains information on boot settings and passwords for unlocking boot options. The grub configuration is...