a676e37a84
* Docs are now ordered by STIG ID number to make them easier to browse. * Deployer notes are better organized. * Script + CSV added for automated documentation generation. Implements: blueprint security-hardening Change-Id: Ib87bec701eddf1601574f4e027f301c775e5e1cd
18 lines
672 B
ReStructuredText
18 lines
672 B
ReStructuredText
V-38456: The system must use a separate file system for /var.
|
|
-------------------------------------------------------------
|
|
|
|
Ensuring that "/var" is mounted on its own partition enables the setting of
|
|
more restrictive mount options. This helps protect system services such as
|
|
daemons or other programs which use it. It is not uncommon for the "/var"
|
|
directory to contain world-writable directories, installed by other software
|
|
packages.
|
|
|
|
Details: `V-38456 in STIG Viewer`_.
|
|
|
|
.. _V-38456 in STIG Viewer: https://www.stigviewer.com/stig/red_hat_enterprise_linux_6/2015-05-26/finding/V-38456
|
|
|
|
Notes for deployers
|
|
~~~~~~~~~~~~~~~~~~~
|
|
|
|
.. include:: developer-notes/V-38456.rst
|