STIGQter STIGQter: STIG Summary: Oracle Linux 6 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The system must use a Linux Security Module configured to limit the privileges of system services.

DISA Rule

SV-208802r603263_rule

Vulnerability Number

V-208802

Group Title

SRG-OS-000480

Rule Version

OL6-00-000023

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

The SELinux "targeted" policy is appropriate for general-purpose desktops and servers, as well as systems in many other roles. To configure the system to use this policy, add or correct the following line in "/etc/selinux/config":

SELINUXTYPE=targeted

Other policies, such as "mls", provide additional security labeling and greater confinement but are not compatible with many general-purpose use cases.

Check Contents

Check the file "/etc/selinux/config" and ensure the following line appears:

SELINUXTYPE=targeted

If it does not, this is a finding.

Vulnerability Number

V-208802

Documentable

False

Rule Version

OL6-00-000023

Severity Override Guidance

Check the file "/etc/selinux/config" and ensure the following line appears:

SELINUXTYPE=targeted

If it does not, this is a finding.

Check Content Reference

M

Target Key

2928

Comments