Rationale: "Removing support for unneeded filesystem types reduces the local attack surface of the system. A squashfs image can be used without having to first decompress the image. "ĭescription: "The squashfs filesystem type is a compressed read-only Linux filesystem embedded in small footprint systems (similar to cramfs ). Title: "Ensure mounting of squashfs filesystems is disabled. # 1.1.1.2 Ensure mounting of squashfs filesystems is disabled (Automated) 'not c:sh -c "lsmod | grep cramfs" -> r:cramfs ' "c:modprobe -n -v cramfs -> r:install /bin/false|Module cramfs not found " Run the following command to unload the cramfs module: # rmmod cramfs " Example: vim /etc/modprobe.d/nf: and add the following line: install cramfs /bin/true. Remediation: "Edit or create a file in the /etc/modprobe.d/ directory ending in. If this filesystem type is not needed, disable it. Rationale: "Removing support for unneeded filesystem types reduces the local attack surface of the server. A cramfs image can be used without having to first decompress the image. "ĭescription: "The cramfs filesystem type is a compressed read-only Linux filesystem embedded in small footprint systems. Title: "Ensure mounting of cramfs filesystems is disabled. # 1.1.1.1 Ensure mounting of cramfs filesystems is disabled (Automated)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |