diff options
Diffstat (limited to 'conf/level.secure')
| -rw-r--r-- | conf/level.secure | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/conf/level.secure b/conf/level.secure new file mode 100644 index 0000000..4d12b1d --- /dev/null +++ b/conf/level.secure @@ -0,0 +1,54 @@ +ENABLE_APPARMOR=yes +ALLOW_X_CONNECTIONS=no +CHECK_WRITABLE=yes +ENABLE_IP_SPOOFING_PROTECTION=yes +MAIL_EMPTY_CONTENT=yes +ACCEPT_BROADCASTED_ICMP_ECHO=no +CHECK_PERMS=yes +CHECK_USER_FILES=yes +ENABLE_SUDO=no +ALLOW_XSERVER_TO_LISTEN=no +CHECK_CHKROOTKIT=yes +SHELL_HISTORY_SIZE=100 +ALLOW_REBOOT=no +CHECK_SUID_ROOT=yes +SYSLOG_WARN=yes +ENABLE_AT_CRONTAB=no +ACCEPT_BOGUS_ERROR_RESPONSES=no +CHECK_PASSWD=yes +PASSWORD_HISTORY=2 +CHECK_SUID_MD5=yes +CHECK_SHOSTS=yes +MAIL_USER=root +ALLOW_AUTOLOGIN=no +ENABLE_PAM_WHEEL_FOR_SU=yes +CHECK_SHADOW=yes +ALLOW_ROOT_LOGIN=no +CHECK_UNOWNED=yes +ENABLE_CONSOLE_LOG=no +ALLOW_USER_LIST=no +ENABLE_DNS_SPOOFING_PROTECTION=yes +CREATE_SERVER_LINK=secure +ENABLE_PASSWORD=yes +NOTIFY_WARN=no +WIN_PARTS_UMASK=0 +CHECK_OPEN_PORT=yes +SHELL_TIMEOUT=600 +ALLOW_REMOTE_ROOT_LOGIN=no +ENABLE_LOG_STRANGE_PACKETS=yes +USER_UMASK=077 +CHECK_RPM=yes +ENABLE_SULOGIN=yes +ENABLE_PAM_ROOT_FROM_WHEEL=no +MAIL_WARN=yes +ALLOW_XAUTH_FROM_ROOT=no +CHECK_SECURITY=yes +ACCEPT_ICMP_ECHO=yes +PASSWORD_LENGTH=6,1,1 +AUTHORIZE_SERVICES=local +ROOT_UMASK=077 +ENABLE_MSEC_CRON=yes +TTY_WARN=yes +ENABLE_POLICYKIT=no +CHECK_SGID=yes +CHECK_PROMISC=yes |