Back

Configure the "Support for cramfs filesystems" setting to organizational standards.


CONTROL ID
08765
CONTROL TYPE
Establish/Maintain Documentation
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Configure Red Hat Enterprise Linux to Organizational Standards., CC ID: 08713

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • Ensure mounting of cramfs filesystems is disabled Description: The `cramfs` filesystem type is a compressed read-only Linux filesystem embedded in small footprint systems. A `cramfs` image can be used without having to first decompress the image. Rationale: Removing support for unneeded filesystem t… (1.1.1.1, CIS Amazon Linux 2 Benchmark, v.2.0.0, Level 1)
  • Ensure mounting of cramfs filesystems is disabled Description: The `cramfs` filesystem type is a compressed read-only Linux filesystem embedded in small footprint systems. A `cramfs` image can be used without having to first decompress the image. Rationale: Removing support for unneeded filesystem t… (1.1.1.1, CIS Amazon Linux 2 Benchmark, v.2.0.0, Level 2)
  • Title: Disable Mounting of cramfs Filesystems Description: The cramfs filesystem type is a compressed read-only Linux filesystem embedded in small footprint systems. A cramfs image can be used without having to first decompress the image. Rationale: Removing support for unneeded filesystem types… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.18_Disable_Mounting_of_cramfs_Filesystems Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.18.1_, The Center for Internet Security CentOS 6 Level 2 Benchmark, 1.0.0)
  • Title: Disable Mounting of cramfs Filesystems Description: The cramfs filesystem type is a compressed read-only Linux filesystem embedded in small footprint systems. A cramfs image can be used without having to first decompress the image. Rationale: Removing support for unneeded filesystem types… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.18_Disable_Mounting_of_cramfs_Filesystems Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.18.2_, The Center for Internet Security CentOS 6 Level 2 Benchmark, 1.0.0)
  • Title: Disable Mounting of cramfs Filesystems Description: The cramfs filesystem type is a compressed read-only Linux filesystem embedded in small footprint systems. A cramfs image can be used without having to first decompress the image. Rationale: Removing support for unneeded filesystem typ… (Rule:xccdf_org.cisecurity.benchmarks_rule_1.1.18_Disable_Mounting_of_cramfs_Filesystems Artifact Expression:xccdf_org.cisecurity.benchmarks_ae_1.1.18.1_, The Center for Internet Security Red Hat Enterprise Linux 6 Level 2 Benchmark, 1.2.0)
  • Title: Disable Mounting of cramfs Filesystems Description: The cramfs filesystem type is a compressed read-only Linux filesystem embedded in small footprint systems. A cramfs image can be used without having to first decompress the image. Rationale: Removing support for unneeded filesystem typ… (Rule:xccdf_org.cisecurity.benchmarks_rule_1.1.18_Disable_Mounting_of_cramfs_Filesystems Artifact Expression:xccdf_org.cisecurity.benchmarks_ae_1.1.18.2_, The Center for Internet Security Red Hat Enterprise Linux 6 Level 2 Benchmark, 1.2.0)
  • Title: Disable Mounting of cramfs Filesystems Description: The cramfs filesystem type is a compressed read-only Linux filesystem embedded in small footprint systems. A cramfs image can be used without having to first decompress the image. Rationale: Removing support for unneeded filesyst… (Rule: xccdf_org.cisecurity.benchmarks_rule_2.18_Disable_Mounting_of_cramfs_Filesystems Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_2.18.1_, The Center for Internet Security Ubuntu 12.04 LTS Level 2 Benchmark, v1.0.0)
  • Title: Disable Mounting of cramfs Filesystems Description: The cramfs filesystem type is a compressed read-only Linux filesystem embedded in small footprint systems. A cramfs image can be used without having to first decompress the image. Rationale: Removing support for unneeded filesyst… (Rule: xccdf_org.cisecurity.benchmarks_rule_2.18_Disable_Mounting_of_cramfs_Filesystems Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_2.18.2_, The Center for Internet Security Ubuntu 12.04 LTS Level 2 Benchmark, v1.0.0)
  • Ensure mounting of cramfs filesystems is disabled Description: The `cramfs` filesystem type is a compressed read-only Linux filesystem embedded in small footprint systems. A `cramfs` image can be used without having to first decompress the image. Rationale: Removing support for unneeded filesystem t… (1.1.1.1, CIS Oracle Linux 8 Benchmark, Server Level 1, v1.0.1)
  • Ensure mounting of cramfs filesystems is disabled Description: The `cramfs` filesystem type is a compressed read-only Linux filesystem embedded in small footprint systems. A `cramfs` image can be used without having to first decompress the image. Rationale: Removing support for unneeded filesystem t… (1.1.1.1, CIS Oracle Linux 8 Benchmark, Server Level 2, v1.0.1)
  • Support for cramfs filesystems should be enabeld or disabled as appropriate. Technical Mechanisms: (1) via /etc/modprobe.conf (2) via configuration file in /etc/modprobe.d (3) via MODPROBE_OPTIONS environment variable Parameters: enabled / disabled References: Section: 2.2.2.5 - Disabl… (CCE-14089-7, Common Configuration Enumeration List, Combined XML: Red Hat Enterprise Linux 5, 5.20130214)