Table of Contents
Advertisement
System Security Considerations
8
System Security Considerations
This section contains a high-level list of system security topics. Specific OS/filesystem topics
are outside of the scope of this document. For more information, see the Rangeley Software
Programmer's Guide, specifically the Secure Architecture Considerations section.
Securing your operating system is critical. You should consider the following items:
Note: This is not an exhaustive list.
• Employing effective security policies and tools; for instance, SELinux* is configured correctly
and is active
• Running and configuring the firewall(s)
• Preventing privilege escalation at boot (including recovery mode)
• Removing unnecessary software packages
• Patching software in a timely manner
• Monitoring the system and the network
• Configuring and disabling (as appropriate) remote access
• Disabling network boot
• Requiring secure passwords
• Encrypting files, up to full-disk encryption
• Ensuring physical security of the system and the network
• Using mlock to prevent swapping sensitive variables from RAM to disk
• Zeroing out sensitive variables in RAM
Getting Started Guide
§
59
Advertisement
Table of Contents
