OL6-00-000001 – The system must use a separate file system for /tmp. Details The ‘/tmp’ partition is used as temporary storage by many programs. Placing ‘/tmp’ in its own partition enables the...
OL6-00-000002 – The system must use a separate file system for /var. Details Ensuring that ‘/var’ is mounted on its own partition enables the setting of more restrictive mount options. This helps...
OL6-00-000003 – The system must use a separate file system for /var/log. Details Placing ‘/var/log’ in its own partition enables better separation between log files and other files in ‘/var/’. Solution System...
OL6-00-000004 – The system must use a separate file system for the system audit data path. Details Placing ‘/var/log/audit’ in its own partition enables better separation between audit files and other files, and helps ensure that...
OL6-00-000005 – The audit system must alert designated staff members when the audit storage volume approaches capacity. Details Notifying administrators of an impending disk space problem may allow them to take corrective action prior to any disruption....
OL6-00-000008 – Vendor-provided cryptographic certificates must be installed to verify the integrity of system software. Details This key is necessary to cryptographically verify that packages are from the operating system vendor. Solution To ensure...
OL6-00-000023 – The system must use a Linux Security Module configured to limit the privileges of system services. Details Setting the SELinux policy to ‘targeted’ or a more specialized policy ensures the system will confine processes that are...
OL6-00-000025 – All device files must be monitored by the system Linux Security Module. Details If a device file carries the SELinux type ‘unlabeled_t’, then SELinux cannot properly restrict access to the device file....
OL6-00-000027 – The system must prevent the root account from logging in from virtual consoles. Details Preventing direct root login to virtual console devices helps ensure accountability for actions taken on the system using the...
OL6-00-000028 – The system must prevent the root account from logging in from serial consoles. Details Preventing direct root login to serial port interfaces helps ensure accountability for actions taken on the systems using the...