GEN000000-LNX00800 - The system must use a Linux Security Module configured to limit the privileges of system services - 'SELINUX = enforcing'

Information

Linux Security Modules such as SELinux and AppArmor can be used to provide protection from software exploits by explicitly defining the privileges permitted to each software package.

Solution

Enable one of the SELinux policies.
Edit /etc/sysconfig/selinux and set the value of the SELINUX option to 'enforcing' and SELINUXTYPE to 'targeted' or 'strict'.
Restart the system.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_5_V2R1_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|III, CCI|CCI-000366, Rule-ID|SV-218186r603259_rule, STIG-ID|GEN000000-LNX00800, STIG-Legacy|SV-63085, STIG-Legacy|V-22584, Vuln-ID|V-218186

Plugin: Unix

Control ID: 3efbca593d77acc615e67f8d86898c0722372801055f1682013407e931a2fb10