9.1.14.2. Least Functionality¶

The SIMP stunnel service is configured to run within a chroot jail. This ensures that the service cannot see or access files outside of stunnel directory. Should the stunnel service become remotely compromised, the attack cannot be escalated to other parts of the file system.

References: CM-7 : LEAST FUNCTIONALITY

Read the Docs v: master

Versions: master; latest; stable; 6.6.0; 6.5.0-3; 6.5.0-2; 6.5.0-1; 6.4.0-0; 6.3.3; 6.3.0-0; 6.2.0-0; 6.1.0-0; 6.0.0-0; 5.2.1-0; 5.2.0-0; 5.1.0-3; 5.1.0-2; 5.1.0-1; 5.1.0-0; 4.3.1-0; 4.3.0-0; 4.2.0-2; 4.2.0-1; 4.2.0-0; simp-maint-example-role-formatting; simp-maint-example-fixes

Downloads: pdf; html; epub

On Read the Docs: Project Home; Builds

Free document hosting provided by Read the Docs.