1.6.1.3 Ensure SELinux policy is configured - 'Policy from config file'

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Configure SELinux to meet or exceed the default targeted policy, which constrains daemons and system software only. Security configuration requirements vary from site to site. Some sites may mandate a policy that is stricter than the default policy, which is perfectly acceptable. This item is intended to ensure that at least the default recommendations are met.

Solution

Edit the /etc/selinux/config file to set the SELINUXTYPE parameter: SELINUXTYPE=ubuntu

See Also

https://workbench.cisecurity.org/files/1867

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-3(3)

Plugin: Unix

Control ID: 808d042ddee574e7f439de6e6a56ff0ee87b24c2d3345d1786c323475e7d3855