[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 9274 Download | Alert*

Description: GDM is the GNOME Display Manager which handles graphical login for GNOME based systems. The disable-user-list option controls is a list of users is displayed on the login screen. Rationale: Displaying the user list eliminates half of the Userid/Password equation that an unauthorized person would need to log on. Fix: Edit or create the file ...

Description: By default GNOME automatically mounts removable media when inserted as a convenience to the user. Rationale: With automounting enabled anyone with physical access could attach a USB drive or disc and have its contents available in system even if they lacked permissions to mount it themselves. Fix: Edit or create the file /etc/dconf/db/loca ...

Description: The `nosuid` mount option specifies that the filesystem cannot contain `setuid` files. Rationale: Setting this option on a file system prevents users from introducing privileged programs onto the system and allowing non-root users to execute them. Audit: Verify that the `nosuid` option is set if a `/var` partition exists.Run the following command and verify that nothing is returned:# ...

Title: Ensure nodev option set on /var/log/audit partition Description: The nodev mount option specifies that the filesystem cannot contain special devices. Rationale: Since the /var/log/audit filesystem is not intended to support devices, set this option to ensure that users cannot create a block or character special devices in /var/log/audit . Audit: Verify that the nodev opti ...

Title: Ensure nosuid option set on /var/log/audit partition Description: The nosuid mount option specifies that the filesystem cannot contain setuid files. Rationale: Since the /var/log/audit filesystem is only intended for variable files such as logs, set this option to ensure that users cannot create setuid files in /var/log/audit . Audit: Verify that the nosuid option is se ...

Title: Ensure core dump backtraces are disabled Description: A core dump is the memory of an executable program. It is generally used to determine why a program aborted. It can also be used to glean confidential information from a core file. Rationale: A core dump includes a memory image taken at the time the operating system terminates an application. The memory image could contain se ...

Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one

GDM is the GNOME Display Manager which handles graphical login for GNOME based systems. The disable-user-list option controls is a list of users is displayed on the login screen. Rationale: Displaying the user list eliminates half of the Userid/Password equation that an unauthorized person would need to log on.

By default GNOME automatically mounts removable media when inserted as a convenience to the user. Rationale: With automounting enabled anyone with physical access could attach a USB drive or disc and have its contents available in system even if they lacked permissions to mount it themselves.

The nosuid mount option specifies that the filesystem cannot contain setuid files. Rationale: Since the /var filesystem is only intended for temporary file storage, set this option to ensure that users cannot create setuid files in /var.


Pages:      Start    848    849    850    851    852    853    854    855    856    857    858    859    860    861    ..   927

© SecPod Technologies