Restrict Core Dumps – fs.suid_dumpable = 0′
Details A core dump is the memory of an executable program. It is generally used to determine why a program...
- Home
- Security Hardening
- CIS Red Hat Enterprise Linux 5 L1 V2.2 1
CIS Red Hat Enterprise Linux 5 L1 V2.2 1
Set Boot Loader Password
Details Setting the boot loader password will require that anyone rebooting system must enter a password before being able to...Set nodev option for /tmp Partition
Details The nodev mount option specifies that the filesystem cannot contain special devices. Rationale: Since the /tmp filesystem is not...Set noexec option for /tmp Partition
Details The noexec mount option specifies that the filesystem cannot contain executable binaries. Rationale: Since the tmp filesystem is only...Set nosuid option for /tmp Partition
Details The nosuid mount option specifies that the filesystem cannot contain set userid files. Rationale: Since the /tmp filesystem is...Set Permissions on /etc/grub.conf
Details Set permission on the /etc/grub.conf file to read and write for root only. Rationale: Setting the permissions to read...Set Sticky Bit on All World-Writable Directories
Details Setting the sticky bit on world writable directories prevents users from deleting or renaming files in that directory that...Set User/Group Owner on /etc/grub.conf
Details Set the owner and group of /etc/grub.conf to the root user. Rationale: Setting the owner and group to root...Use the Latest OS Release
Details Periodically, Red Hat releases updates to the Red Hat operating system to support new hardware platforms, deliver new functionality...Verify Package Integrity Using RPM
Details RPM has the capability of verifying installed packages by comparing the installed files against the file information stored in...