Sep 19, 2023 Functional Update- RHEL-07-020320 - The Red Hat Enterprise Linux operating system must be configured so that all files and directories have a valid owner.
- RHEL-07-020330 - The Red Hat Enterprise Linux operating system must be configured so that all files and directories have a valid group owner.
- RHEL-07-020660 - The Red Hat Enterprise Linux operating system must be configured so that all files and directories contained in local interactive user home directories have a valid owner.
- RHEL-07-020670 - The Red Hat Enterprise Linux operating system must be configured so that all files and directories contained in local interactive user home directories are group-owned by a group of which the home directory owner is a member.
- RHEL-07-020680 - The Red Hat Enterprise Linux operating system must be configured so that all files and directories contained in local interactive user home directories have a mode of 0750 or less permissive.
- RHEL-07-020710 - The Red Hat Enterprise Linux operating system must be configured so that all local initialization files have mode 0740 or less permissive.
- RHEL-07-020730 - The Red Hat Enterprise Linux operating system must be configured so that local initialization files do not execute world-writable programs.
- RHEL-07-020900 - The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification - device_t
- RHEL-07-020900 - The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification - unlabeled_t
- RHEL-07-021030 - The Red Hat Enterprise Linux operating system must be configured so that all world-writable directories are group-owned by root, sys, bin, or an application group.
- RHEL-07-021031 - The Red Hat Enterprise Linux operating system must be configured so that all world-writable directories are owned by root, sys, bin, or an application user.
- RHEL-07-021700 - The Red Hat Enterprise Linux operating system must not allow removable media to be used as the boot loader unless approved.
- RHEL-07-040540 - The Red Hat Enterprise Linux operating system must not contain .shosts files.
- RHEL-07-040550 - The Red Hat Enterprise Linux operating system must not contain shosts.equiv files.
|
Sep 6, 2023 Miscellaneous- Audit deprecated.
- Metadata updated.
- References updated.
|
Aug 15, 2023 Functional Update- RHEL-07-010270 - The Red Hat Enterprise Linux operating system must be configured so that passwords are prohibited from reuse for a minimum of five generations - password-auth
- RHEL-07-010270 - The Red Hat Enterprise Linux operating system must be configured so that passwords are prohibited from reuse for a minimum of five generations - system-auth
- RHEL-07-021040 - The Red Hat Enterprise Linux operating system must set the umask value to 077 for all local interactive user accounts.
|
Jun 27, 2023 Miscellaneous- Metadata updated.
- Platform check updated.
|
May 19, 2023 Functional Update- RHEL-07-010270 - The Red Hat Enterprise Linux operating system must be configured so that passwords are prohibited from reuse for a minimum of five generations - password-auth
- RHEL-07-010270 - The Red Hat Enterprise Linux operating system must be configured so that passwords are prohibited from reuse for a minimum of five generations - system-auth
- RHEL-07-020111 - The Red Hat Enterprise Linux operating system must disable the graphical user interface automounter unless required - automount
- RHEL-07-020111 - The Red Hat Enterprise Linux operating system must disable the graphical user interface automounter unless required - automount-open
- RHEL-07-020111 - The Red Hat Enterprise Linux operating system must disable the graphical user interface automounter unless required - automount-open=false
- RHEL-07-020111 - The Red Hat Enterprise Linux operating system must disable the graphical user interface automounter unless required - autorun-never
- RHEL-07-020111 - The Red Hat Enterprise Linux operating system must disable the graphical user interface automounter unless required - autorun-never=true
- RHEL-07-040160 - The Red Hat Enterprise Linux operating system must be configured so that all network connections associated with a communication session are terminated at the end of the session or after 15 minutes of inactivity from the user at a command prompt, except to fulfill documented and validated mission requirements.
|
May 16, 2023 |
Apr 12, 2023 Functional Update- RHEL-07-010120 - The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed or new passwords are established, the new password must contain at least one upper-case character.
- RHEL-07-010130 - The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed or new passwords are established, the new password must contain at least one lower-case character.
- RHEL-07-010140 - The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed or new passwords are assigned, the new password must contain at least one numeric character.
- RHEL-07-010150 - The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed or new passwords are established, the new password must contain at least one special character.
- RHEL-07-010160 - The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed a minimum of eight of the total number of characters must be changed.
- RHEL-07-010170 - The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed a minimum of four character classes must be changed.
- RHEL-07-010180 - The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed the number of repeating consecutive characters must not be more than three characters.
- RHEL-07-010190 - The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed the number of repeating characters of the same character class must not be more than four characters.
- RHEL-07-010210 - The Red Hat Enterprise Linux operating system must be configured to use the shadow file to store only encrypted representations of passwords.
- RHEL-07-010230 - The Red Hat Enterprise Linux operating system must be configured so that passwords for new users are restricted to a 24 hours/1 day minimum lifetime.
- RHEL-07-010250 - The Red Hat Enterprise Linux operating system must be configured so that passwords for new users are restricted to a 60-day maximum lifetime.
- RHEL-07-010280 - The Red Hat Enterprise Linux operating system must be configured so that passwords are a minimum of 15 characters in length.
- RHEL-07-010430 - The Red Hat Enterprise Linux operating system must be configured so that the delay between logon prompts following a failed console logon attempt is at least four seconds.
- RHEL-07-020240 - The Red Hat Enterprise Linux operating system must define default permissions for all authenticated users in such a way that the user can only read and modify their own files.
- RHEL-07-020610 - The Red Hat Enterprise Linux operating system must be configured so that all local interactive user accounts, upon creation, are assigned a home directory.
Miscellaneous- Metadata updated.
- Variables updated.
|
Apr 3, 2023 Functional Update- RHEL-07-020111 - The Red Hat Enterprise Linux operating system must disable the graphical user interface automounter unless required - automount=false
- RHEL-07-020630 - The Red Hat Enterprise Linux operating system must be configured so that all local interactive user home directories have mode 0750 or less permissive.
- RHEL-07-021040 - The Red Hat Enterprise Linux operating system must set the umask value to 077 for all local interactive user accounts.
|
Mar 20, 2023 Functional Update- RHEL-07-040350 - The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon does not allow authentication using rhosts authentication.
|