Saltstack Official Linux Formula
Você não pode selecionar mais de 25 tópicos
Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.
|
- # 1.1.1.7 Ensure mounting of udf filesystems is disabled
- #
- # Description
- # ===========
- # The udf filesystem type is the universal disk format used to implement
- # ISO/IEC 13346 and ECMA-167 specifications. This is an open vendor filesystem
- # type for data storage on a broad range of media. This filesystem type is
- # necessary to support writing DVDs and newer optical disc formats.
- #
- # Rationale
- # =========
- # Removing support for unneeded filesystem types reduces the local attack
- # surface of the server. If this filesystem type is not needed, disable it.
- #
- # Audit
- # =====
- # Run the following commands and verify the output is as indicated:
- #
- # # modprobe -n -v udf
- # install /bin/true
- # # lsmod | grep udf
- # <No output>
- #
- # Remediation
- # ===========
- # Edit or create the file /etc/modprobe.d/CIS.conf and add the following line:
- #
- # install udf /bin/true
- #
- parameters:
- linux:
- system:
- kernel:
- module:
- udf:
- install:
- command: /bin/true
|
