OpenSCAP on CentOS 7 – Installing from source

Sometimes we need to build things from source. In this article we install OpenSCAP on CentOS 7 by compiling and installing it manually.


Installing from source Security automation is hot and we love it. One way is using the OpenSCAP toolkit. Unfortunately it is not mature enough, so you might want to build and install it from source. We share our findings while creating our test environment. Install required components On our minimum installed CentOS 7 system, we need to install a few components. Most are related to compiling C++ and parsing XML files.

How and why Linux daemons drop privileges

By dropping privileges a process can be better protected against attacks. Learn how this applies to Linux systems and software.


In this article we have a look at the privileges of Linux daemons and dropping privileges in particular. The samples provided are in C. Why drop privileges? Some daemons need root permissions to start. This happens for example when a daemon wants to bind to a low port (<1024). However running network based daemons with root permissions is considered to be a serious risk. In case of compromise of the process, an attacker has full access to the system.