The software described in this documentation is either in Extended Support or Sustaining Support. See https://www.oracle.com/us/support/library/enterprise-linux-support-policies-069172.pdf for more information.
Oracle recommends that you upgrade the software described by this documentation as soon as possible.
Table of Contents
- Preface
- 1 Oracle Linux Security Overview
- 2 Secure Installation and Configuration
- 3 Implementing Oracle Linux Security
- 3.1 Configuring and Using Data Encryption
- 3.2 Configuring a GRUB Password
- 3.3 Configuring and Using Certificate Management
- 3.4 Configuring and Using Authentication
- 3.5 Configuring and Using Pluggable Authentication Modules
- 3.6 Configuring and Using Access Control Lists
- 3.7 Configuring and Using SELinux
- 3.8 Configuring and Using Auditing
- 3.9 Configuring and Using System Logging
- 3.10 Configuring and Using Process Accounting
- 3.11 Configuring and Using Software Management
- 3.12 Configuring Access to Network Services
- 3.13 Configuring and Using Chroot Jails
- 3.14 Configuring and Using Linux Containers
- 3.15 Configuring and Using Kernel Security Mechanisms
- 4 Security Considerations for Developers
- 5 Secure Deployment Checklist
- 5.1 Minimizing the Software Footprint
- 5.2 Configuring System Logging
- 5.3 Disabling Core Dumps
- 5.4 Minimizing Active Services
- 5.5 Locking Down Network Services
- 5.6 Configuring a Packet-filtering Firewall
- 5.7 Configuring TCP Wrappers
- 5.8 Configuring Kernel Parameters
- 5.9 Restricting Access to SSH Connections
- 5.10 Configuring File System Mounts, File Permissions, and File Ownerships
- 5.11 Checking User Accounts and Privileges
- 6 Using OpenSCAP to Scan for Vulnerabilities
- 6.1 About SCAP
- 6.2 Installing the SCAP Packages
- 6.3 About the oscap Command
- 6.4 Displaying the Available SCAP Information
- 6.5 Displaying Information About a SCAP File
- 6.6 Displaying Available Profiles
- 6.7 Validating OVAL and XCCDF Files
- 6.8 Running a Scan Against a Profile
- 6.9 Generating a Full Security Guide
- 6.10 Running an OVAL Auditing Scan
- 7 FIPS 140-2 Compliance in Oracle Linux