1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
documentation_complete: true
title: 'Remove the FreeRadius Server Package'
description: |-
The <tt>freeradius</tt> package should be removed if not in use.
Is this system a RADIUS server? If not, remove the package.
{{{ describe_package_remove(package="freeradius") }}}
The freeradius RPM is not installed by default on a {{{ full_name }}}
system. It is needed only by the RADIUS servers, not by the
clients which use RADIUS for authentication. If the system is not
intended for use as a RADIUS Server it should be removed.
rationale: |-
Unnecessary packages should not be installed to decrease the attack
surface of the system. While this software is clearly essential on a
RADIUS server, it is not necessary on typical desktop or workstation systems.
severity: low
identifiers:
cce@rhel8: CCE-82752-7
ocil_clause: 'the package is installed'
ocil: '{{{ ocil_package(package="freeradius") }}}'
template:
name: package_removed
vars:
pkgname: freeradius
|
