Policy : Linux: Read /etc/selinux/config (KB)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.150156

Category: Policy

Title: Linux: Read /etc/selinux/config (KB)

Summary: The /etc/selinux/config configuration file controls whether;SELinux is enabled or disabled, and if enabled, whether SELinux operates in permissive mode or;enforcing mode. The SELINUX variable may be set to any one of disabled, permissive, or enforcing to;select one of these options. The disabled option completely disables the SELinux kernel and;application code, leaving the system running without any SELinux protection. The permissive option;enables the SELinux code, but causes it to operate in a mode where accesses that would be denied by;policy are permitted but audited. The enforcing option enables the SELinux code and causes it to;enforce access denials as well as auditing them. Permissive mode may yield a different set of;denials than enforcing mode, both because enforcing mode will prevent an operation from proceeding;past the first denial and because some application code will fall back to a less privileged mode of;operation if denied access.;;Note: This script only stores information for other Policy Controls.

Description: Summary:
The /etc/selinux/config configuration file controls whether
SELinux is enabled or disabled, and if enabled, whether SELinux operates in permissive mode or
enforcing mode. The SELINUX variable may be set to any one of disabled, permissive, or enforcing to
select one of these options. The disabled option completely disables the SELinux kernel and
application code, leaving the system running without any SELinux protection. The permissive option
enables the SELinux code, but causes it to operate in a mode where accesses that would be denied by
policy are permitted but audited. The enforcing option enables the SELinux code and causes it to
enforce access denials as well as auditing them. Permissive mode may yield a different set of
denials than enforcing mode, both because enforcing mode will prevent an operation from proceeding
past the first denial and because some application code will fall back to a less privileged mode of
operation if denied access.

Note: This script only stores information for other Policy Controls.

CVSS Score:
0.0

CVSS Vector:
AV:L/AC:H/Au:S/C:N/I:N/A:N

Copyright Copyright (C) 2020 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.150156
Category:	Policy
Title:	Linux: Read /etc/selinux/config (KB)
Summary:	The /etc/selinux/config configuration file controls whether;SELinux is enabled or disabled, and if enabled, whether SELinux operates in permissive mode or;enforcing mode. The SELINUX variable may be set to any one of disabled, permissive, or enforcing to;select one of these options. The disabled option completely disables the SELinux kernel and;application code, leaving the system running without any SELinux protection. The permissive option;enables the SELinux code, but causes it to operate in a mode where accesses that would be denied by;policy are permitted but audited. The enforcing option enables the SELinux code and causes it to;enforce access denials as well as auditing them. Permissive mode may yield a different set of;denials than enforcing mode, both because enforcing mode will prevent an operation from proceeding;past the first denial and because some application code will fall back to a less privileged mode of;operation if denied access.;;Note: This script only stores information for other Policy Controls.
Description:	Summary: The /etc/selinux/config configuration file controls whether SELinux is enabled or disabled, and if enabled, whether SELinux operates in permissive mode or enforcing mode. The SELINUX variable may be set to any one of disabled, permissive, or enforcing to select one of these options. The disabled option completely disables the SELinux kernel and application code, leaving the system running without any SELinux protection. The permissive option enables the SELinux code, but causes it to operate in a mode where accesses that would be denied by policy are permitted but audited. The enforcing option enables the SELinux code and causes it to enforce access denials as well as auditing them. Permissive mode may yield a different set of denials than enforcing mode, both because enforcing mode will prevent an operation from proceeding past the first denial and because some application code will fall back to a less privileged mode of operation if denied access. Note: This script only stores information for other Policy Controls. CVSS Score: 0.0 CVSS Vector: AV:L/AC:H/Au:S/C:N/I:N/A:N
Copyright	Copyright (C) 2020 Greenbone AG