To disable RHEL user namespaces
Purpose
Current and future RHEL OS vulnerabilities may be mitigated by disabling namespaces for RHEL users.
Note: Disabling RHEL namespaces is described in a STIG recommendation.
For greater OS security, perform the following steps to disable the use of namespaces by any RHEL user on any NSP station.
Steps
1 |
Log in as the root user on the station that hosts the OS. |
2 |
Open a console window. |
3 |
Enter the following to display the current namespace setting: # cat /proc/sys/user/max_user_namespaces ↵ A numeric value is displayed. |
4 |
RHEL namespaces are enabled if the value is greater than zero. If RHEL namespaces are enabled, perform the following steps.
|
5 |
Enter the following to verify that namespaces are disabled: # cat /proc/sys/user/max_user_namespaces ↵ A numeric value is displayed. |
6 |
If the value is not 0, contact technical support for assistance. |
7 |
Close the console window. End of steps |