Ensure core dumps are restricted – /etc/systemd/coredump.conf ProcessSizeMax
Details A core dump is the memory of an executable program. It is generally used to determine why a program...
- Home
- Security Hardening
- CIS Fedora 19 Family Linux Workstation L1 V1.0.0
CIS Fedora 19 Family Linux Workstation L1 V1.0.0
Ensure core dumps are restricted – /etc/systemd/coredump.conf Storage
Details A core dump is the memory of an executable program. It is generally used to determine why a program...Ensure core dumps are restricted – sysctl
Details A core dump is the memory of an executable program. It is generally used to determine why a program...Ensure /dev/shm is configured – /etc/fstab
Details /dev/shm is a traditional shared memory concept. One program will create a memory portion, which other processes (if permitted)...Ensure /dev/shm is configured – mount
Details /dev/shm is a traditional shared memory concept. One program will create a memory portion, which other processes (if permitted)...Ensure filesystem integrity is regularly checked
Details Periodic checking of the filesystem integrity is needed to detect changes to the filesystem. Note: The checking in this...Ensure gpgcheck is globally activated – /etc/yum.repos.d/*.repo
Details The gpgcheck option, found in the main section of the /etc/yum.conf and individual /etc/yum/repos.d/*.repo files determines if an RPM...Ensure gpgcheck is globally activated – yum.conf
Details The gpgcheck option, found in the main section of the /etc/yum.conf and individual /etc/yum/repos.d/*.repo files determines if an RPM...Ensure GPG keys are configured
Details Most packages managers implement GPG key signing to verify package integrity during installation. Rationale: It is important to ensure...Ensure mounting of cramfs filesystems is disabled – lsmod
Details The cramfs filesystem type is a compressed read-only Linux filesystem embedded in small footprint systems. A cramfs image can...