File: rule.yml

package info (click to toggle)
scap-security-guide 0.1.78-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 114,600 kB
  • sloc: xml: 245,305; sh: 84,381; python: 33,093; makefile: 27
file content (32 lines) | stat: -rw-r--r-- 833 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
 
documentation_complete: true


title: 'Disallow magic SysRq key'

description: '{{{ describe_sysctl_option_value(sysctl="kernel.sysrq", value="0") }}}'

rationale: |-
    The Magic SysRq key allows sending certain commands directly to the running
    kernel. It can dump various system and process information, potentially
    revealing sensitive information. It can also reboot or shutdown the machine,
    disturbing its availability.

severity: medium

identifiers:
    cce@rhel8: CCE-83355-8
    cce@rhel9: CCE-83968-8
    cce@rhel10: CCE-90232-0
    cce@sle12: CCE-91571-0
    cce@sle15: CCE-91261-8

{{{ complete_ocil_entry_sysctl_option_value(sysctl="kernel.sysrq", value="0") }}}

platform: system_with_kernel

template:
    name: sysctl
    vars:
        sysctlvar: kernel.sysrq
        sysctlval: '0'
        datatype: int