As a note, both: * - core 0
AND * hard core 0 * soft core 0 Should pass. Trevor On Mon, Sep 30, 2013 at 11:28 AM, <[email protected]> wrote: > All, > > Most of the guidance for RHEL security has suggested setting the following > in /etc/security/limits.conf: > > * hard core 0 > > I have generally set this to: > > * - core 0 > > Because this sets both the hard and soft limits on the system. Most SCAP > scanners are looking for very specific values there. I'm looking at > modifying the checks to pass either 'hard' or '-' for the value. > > I'd also to fix the maxlogins in the rule (*max_concurrent_login_sessions*) > in /etc/security/limits.conf to look for the DOD default (10) and lower to > satisfy the check. Security standards are there as a baseline, why 'fail' > the setting for exceeding the baseline value? > > Regards, > > Frank Caviggia > > -- > Frank Caviggia > Consultant, Public [email protected] > (M) (571) 295-4560 > > > _______________________________________________ > scap-security-guide mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide > > -- Trevor Vaughan Vice President, Onyx Point, Inc (410) 541-6699 [email protected] -- This account not approved for unencrypted proprietary information --
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
