Ensure permissions on bootloader config are configured
Details The grub configuration file contains information on boot settings and passwords for unlocking boot options. The grub configuration is...
- Home
- Security Hardening
- CIS CentOS 6 Workstation L1 V3.0.0
CIS CentOS 6 Workstation L1 V3.0.0
Ensure prelink is disabled
Details prelink is a program that modifies ELF shared libraries and ELF dynamically linked binaries in such a way that...Ensure SELinux is installed
Details SELinux provides Mandatory Access Control. Rationale: Without a Mandatory Access Control system installed only the default Discretionary Access Control...Ensure SELinux is not disabled in bootloader configuration – enforcing=0
Details Configure SELINUX to be enabled at boot time and verify that it has not been overwritten by the grub...Ensure SELinux is not disabled in bootloader configuration – selinux=0
Details Configure SELINUX to be enabled at boot time and verify that it has not been overwritten by the grub...Ensure SELinux policy is configured
Details Configure SELinux to meet or exceed the default targeted policy, which constrains daemons and system software only. Note: If...Ensure sticky bit is set on all world-writable directories
Details Setting the sticky bit on world writable directories prevents users from deleting or renaming files in that directory that...Ensure the SELinux mode is enforcing or permissive – config
Details SELinux can run in one of three modes: disabled, permissive, or enforcing: Enforcing – Is the default, and recommended,...Ensure the SELinux mode is enforcing or permissive – getenforce
Details SELinux can run in one of three modes: disabled, permissive, or enforcing: Enforcing – Is the default, and recommended,...Ensure XD/NX support is enabled
Details Recent processors in the x86 family support the ability to prevent code execution on a per memory page basis....