From Fedora Project Wiki

Revision as of 14:19, 2 March 2013

List of checks for security hardening of a package

  • check whether a daemon has an SELinux policy or not
  • inspect rpmlint errors about insecure file usage and insecure API use
    • check the order of initgroups/setuid/setgroups calls
    • check for chdir before chroot
    • check that compile flags are properly added
  • check whether the daemon runs as root
  • check whether the daemon drops capabilities
  • check whether it is started by default if it is network facing
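
The call order that the initgroups/setuid/setgroups and chdir-before-chroot checks look for, as an added C example that is not part of the wiki page. The helper name drop_privileges and its negative return codes are assumptions made for illustration, and the process must start as root for the call to succeed.

```c
#define _DEFAULT_SOURCE
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper (not from the wiki page): jail the process in `jail`
 * and become `user`. Returns 0 on success, or a negative step number. */
int drop_privileges(const char *user, const char *jail)
{
    /* 1. Resolve the account first: /etc/passwd is unreachable after chroot. */
    struct passwd *pw = getpwnam(user);
    if (pw == NULL)
        return -1;
    uid_t uid = pw->pw_uid;
    gid_t gid = pw->pw_gid;

    /* 2. Replace root's supplementary groups; needs root and /etc/group. */
    if (initgroups(user, gid) != 0)
        return -2;

    /* 3. chdir before chroot, so the cwd cannot stay outside the new root. */
    if (chdir(jail) != 0 || chroot(".") != 0)
        return -3;

    /* 4. Group before user: after setuid() the process can no longer setgid(). */
    if (setgid(gid) != 0)
        return -4;
    if (setuid(uid) != 0)
        return -5;

    /* 5. The drop must be irreversible for a non-root target account. */
    if (uid != 0 && setuid(0) == 0)
        return -6;
    return 0;
}

int main(int argc, char **argv)
{
    if (argc != 3) {
        fprintf(stderr, "usage: %s USER JAILDIR\n", argv[0]);
        return 2;
    }
    int rc = drop_privileges(argv[1], argv[2]);
    printf("drop_privileges: %d, uid=%d gid=%d\n", rc, (int)getuid(), (int)getgid());
    return rc == 0 ? 0 : 1;
}
```

Every return value is checked because a failed setgid() or setuid() that goes unnoticed leaves the daemon running as root.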