875f635ab4
This patch gets rid of the old "special notes" section that was a dead-end in the documentation and replaces it with a brief header followed by a dynamically-generated list of tag-specific documentation. All of this sits underneath the "Hardening Domains" section. It also splits the "Deviations" documentation into its own section because it's quite important for a deployer to review. The patch also includes a link to video/slides from the Boston Summit, which provided the latest updates for the project and some background on how everything fits together. Change-Id: I1a5e78733c301335fe1bcfcee36cc146d690b841
579 B
579 B
lsm - Linux Security Modules
Linux Security Modules, such as AppArmor and SELinux, provide an extra level of security controls on a Linux system. They provide Mandatory Access Control (MAC) that checks system activities against security policy. These policies apply to all users, including root.
Overview
The STIG requires that SELinux is in enforcing mode to provide additional security against attacks. The security role will enable SELinux on CentOS systems and enable AppArmor on Ubuntu and Debian systems.