Closed netzzwerch closed 2 years ago
You have to keep in mind that apt may fail when you set noexec on /tmp. That is the reason why default value deviate from Benchmark recommendation. But you're right, it should be explicitly mentioned. Everyone can set the variable in their playbook to be CIS compliant if they want to, or if their system has no problem with it.
Default values remain as they are. Anyone who wants to can overwrite the values for their own environment.
Hi, Change ist based on the CIS benchmarks.