Ensure noexec option set on removable media partitions
Details The noexec mount option specifies that the filesystem cannot contain executable binaries. Rationale: Setting this option on a file...
- Home
- Security Hardening
- CIS Debian 9 Workstation L1 V1.0.1
CIS Debian 9 Workstation L1 V1.0.1
Ensure noexec option set on /tmp partition
Details The noexec mount option specifies that the filesystem cannot contain executable binaries. Rationale: Since the /tmp filesystem is only...Ensure noexec option set on /var/tmp partition
Details The noexec mount option specifies that the filesystem cannot contain executable binaries. Rationale: Since the /var/tmp filesystem is only...Ensure nosuid option set on /dev/shm partition
Details The nosuidmount option specifies that the filesystem cannot contain setuid files. Rationale: Setting this option on a file system...Ensure nosuid option set on removable media partitions
Details The nosuid mount option specifies that the filesystem cannot contain setuid files. Rationale: Setting this option on a file...Ensure nosuid option set on /tmp partition
Details The nosuid mount option specifies that the filesystem cannot contain setuid files. Rationale: Since the /tmp filesystem is only...Ensure nosuid option set on /var/tmp partition
Details The nosuid mount option specifies that the filesystem cannot contain setuid files. Rationale: Since the /var/tmp filesystem is only...Ensure package manager repositories are configured
Details Systems need to have package manager repositories configured to ensure they receive the latest patches and updates. Rationale: If...Ensure permissions on bootloader config are configured
Details The grub configuration file contains information on boot settings and passwords for unlocking boot options. The grub configuration is...Ensure permissions on /etc/issue are configured
Details The contents of the /etc/issue file are displayed to users prior to login for local terminals. Rationale: If the...