Dear CentOS Development Team,
I am interested in starting a new SIG or merging with the ‘Hardening’ SIG; I didn’t find sufficient information about the Hardening SIG. I have been on the mailing list for some years and I have noticed a number of concerns with regard to security, e.g. the default sshd_config, the GNOME user list and more.
My goal is to use the base and modify the OS with these changes and make it available for the CentOS community. I will mention this on the mailing list to get the community's feedback so that they have an opportunity to contribute and, more importantly, get an OS that meets their needs with regard to their security concerns.
I’m not too familiar with the CentOS build system; however, I started to read up on it and practice to get a feel for things. Some of the things that I would like to change are as follows:
SSH:
- disable root (uncomment 'PermitRootLogin' and change to no)
- enable 'StrictModes'
- modify 'MaxAuthTries'
- modify 'ClientAliveInterval'
- modify 'ClientAliveCountMax'
GNOME:
- disable GNOME user list
Console:
- Remove reboot, halt, poweroff from /etc/security/console.app
Looking forward to your response on how I can proceed with this.
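
The SSH items listed in the message above can be checked mechanically. The following is an added example, not part of the original message or of any CentOS SIG code: it audits the global section of an sshd_config against those five keywords. The numeric limits, the function names and the sample file are assumptions made for illustration, since the message names the keywords but gives no values.

```python
# Added example: audit sshd_config text for the SSH settings listed in the post.
# ASSUMPTION: the numeric limits are illustrative; the post gives no values.
POLICY = {
    "permitrootlogin":     lambda v: v == "no",
    "strictmodes":         lambda v: v == "yes",
    "maxauthtries":        lambda v: v.isdigit() and 1 <= int(v) <= 4,
    "clientaliveinterval": lambda v: v.isdigit() and 1 <= int(v) <= 300,
    "clientalivecountmax": lambda v: v.isdigit() and 1 <= int(v) <= 3,
}

def effective_settings(text):
    # Keywords are case-insensitive, '#' lines are comments, and sshd uses the
    # first value it obtains for a keyword. Parsing stops at the first Match
    # line because everything after it is conditional, not global.
    settings = {}
    for raw in text.splitlines():
        parts = raw.strip().split(None, 1)
        if len(parts) < 2 or parts[0].startswith("#"):
            continue
        key, value = parts[0].lower(), parts[1].strip().strip('"').lower()
        if key == "match":
            break
        settings.setdefault(key, value)
    return settings

def audit(text):
    """Return a sorted list of (keyword, problem) findings; empty means pass."""
    found = effective_settings(text)
    findings = []
    for key, ok in POLICY.items():
        if key not in found:
            findings.append((key, "not set explicitly"))
        elif not ok(found[key]):
            findings.append((key, "value %r fails policy" % found[key]))
    return sorted(findings)

# Constructed sample input, not taken from any real host.
SAMPLE = """\
#PermitRootLogin yes
StrictModes yes
MaxAuthTries 6
maxauthtries 3
ClientAliveInterval 300
Match User backup
    PermitRootLogin no
"""

if __name__ == "__main__":
    for key, problem in audit(SAMPLE):
        print(key + ": " + problem)
```

The sample shows two easy-to-miss cases: a later `maxauthtries 3` does not override the earlier `MaxAuthTries 6`, and a `PermitRootLogin no` inside a Match block does not harden the global setting.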