Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-51369 | RHEL-06-000023 | SV-65579r1_rule | Low |
Description |
---|
Setting the SELinux policy to "targeted" or a more specialized policy ensures the system will confine processes that are likely to be targeted for exploitation, such as network or system services. |
STIG | Date |
---|---|
Red Hat Enterprise Linux 6 Security Technical Implementation Guide | 2017-04-28 |
Check Text ( None ) |
---|
None |
Fix Text (F-56171r1_fix) |
---|
The SELinux "targeted" policy is appropriate for general-purpose desktops and servers, as well as systems in many other roles. To configure the system to use this policy, add or correct the following line in "/etc/selinux/config": SELINUXTYPE=targeted Other policies, such as "mls", provide additional security labeling and greater confinement but are not compatible with many general-purpose use cases. |