875f635ab4
This patch gets rid of the old "special notes" section that was a dead-end in the documentation and replaces it with a brief header followed by a dynamically-generated list of tag-specific documentation. All of this sits underneath the "Hardening Domains" section. It also splits the "Deviations" documentation into its own section because it's quite important for a deployer to review. The patch also includes a link to video/slides from the Boston Summit, which provided the latest updates for the project and some background on how everything fits together. Change-Id: I1a5e78733c301335fe1bcfcee36cc146d690b841
613 B
613 B
file_perms - Filesystem permissions
One of the first layers of defense against attacks on a Linux system is Discretionary Access Control (DAC), which is managed through filesystem permissions.
Overview
Some of the STIG requirements for file permissions could cause disruptions on production systems if the permissions were adjusted to meet the needs of a particular application. These configurations are applied on an opt-in basis. Deployers must verify that these changes work well with their systems before applying the changes.