Ensure noexec option set on /tmp partition
Details The noexec mount option specifies that the filesystem cannot contain executable binaries. Since the /tmp filesystem is only intended...
- Home
- Security Hardening
- CIS SUSE Linux Enterprise Server 11 L1 V2.1.0
CIS SUSE Linux Enterprise Server 11 L1 V2.1.0
Ensure noexec option set on /var/tmp partition
Details The noexec mount option specifies that the filesystem cannot contain executable binaries. Since the /var/tmp filesystem is only intended...Ensure nosuid option set on /dev/shm partition
Details The nosuid mount option specifies that the filesystem cannot contain setuid files. Setting this option on a file system...Ensure nosuid option set on removable media partitions
Details The nosuid mount option specifies that the filesystem cannot contain setuid files. Setting this option on a file system...Ensure nosuid option set on /tmp partition
Details The nosuid mount option specifies that the filesystem cannot contain setuid files. Since the /tmp filesystem is only intended...Ensure nosuid option set on /var/tmp partition
Details The nosuid mount option specifies that the filesystem cannot contain setuid files. Since the /var/tmp filesystem is only intended...Ensure package manager repositories are configured
Details Systems need to have package manager repositories configured to ensure they receive the latest patches and updates. If a...Ensure permissions on bootloader config are configured
Details The grub configuration file contains information on boot settings and passwords for unlocking boot options. The grub configuration is...Ensure sticky bit is set on all world-writable directories
Details Setting the sticky bit on world writable directories prevents users from deleting or renaming files in that directory that...Ensure XD/NX support is enabled
Details Recent processors in the x86 family support the ability to prevent code execution on a per memory page basis....