STIGQter STIGQter: STIG Summary: Red Hat Enterprise Linux 8 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021:

RHEL 8 must use a Linux Security Module configured to enforce limits on system services.

DISA Rule

SV-230240r627750_rule

Vulnerability Number

V-230240

Group Title

SRG-OS-000134-GPOS-00068

Rule Version

RHEL-08-010170

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the operating system to verify correct operation of all security functions.

Set the "SELinux" status and the "Enforcing" mode by modifying the "/etc/selinux/config" file to have the following line:

SELINUX=enforcing

A reboot is required for the changes to take effect.

Check Contents

Verify the operating system verifies correct operation of all security functions.

Check if "SELinux" is active and in "Enforcing" mode with the following command:

$ sudo getenforce
Enforcing

If "SELinux" is not active and not in "Enforcing" mode, this is a finding.

Vulnerability Number

V-230240

Documentable

False

Rule Version

RHEL-08-010170

Severity Override Guidance

Verify the operating system verifies correct operation of all security functions.

Check if "SELinux" is active and in "Enforcing" mode with the following command:

$ sudo getenforce
Enforcing

If "SELinux" is not active and not in "Enforcing" mode, this is a finding.

Check Content Reference

M

Target Key

2921

Comments