Eu corri lynis no meu convidado LTS do Ubuntu 16.04.2. Eu tenho resolvido problemas, mas depois de muita pesquisa (incluindo neste site) não consigo encontrar uma sugestão para resolver essas perdas pontuais. Quaisquer ponteiros seriam mais apreciados.
Performing test ID FILE-6430 (Disable mounting of some filesystems)
Result: found module support in kernel: insmod /lib/modules/4.4.0-81-generic/kernel/fs/cramfs/cramfs.ko
Test: Checking if cramfs is active
Result: module cramfs is not loaded in the kernel
Hardening: assigned partial number of hardening points (2 of 3). Currently having 80 points (out of 87)
Result: found module support in kernel: insmod /lib/modules/4.4.0-81-generic/kernel/fs/freevxfs/freevxfs.ko
Test: Checking if freevxfs is active
Result: module freevxfs is not loaded in the kernel
Hardening: assigned partial number of hardening points (2 of 3). Currently having 82 points (out of 90)
Result: found module support in kernel: insmod /lib/modules/4.4.0-81-generic/kernel/fs/hfs/hfs.ko
Test: Checking if hfs is active
Result: module hfs is not loaded in the kernel
Hardening: assigned partial number of hardening points (2 of 3). Currently having 84 points (out of 93)
Result: found module support in kernel: insmod /lib/modules/4.4.0-81-generic/kernel/fs/hfsplus/hfsplus.ko
Test: Checking if hfsplus is active
Result: module hfsplus is not loaded in the kernel
Hardening: assigned partial number of hardening points (2 of 3). Currently having 86 points (out of 96)
Result: found module support in kernel: insmod /lib/modules/4.4.0-81-generic/kernel/fs/jffs2/jffs2.ko
Test: Checking if jffs2 is active
Result: module jffs2 is not loaded in the kernel
Hardening: assigned partial number of hardening points (2 of 3). Currently having 88 points (out of 99)
Hardening: assigned maximum number of hardening points for this item (3). Currently having 91 points (out of 102)
Result: found module support in kernel: insmod /lib/modules/4.4.0-81-generic/kernel/fs/udf/udf.ko
Test: Checking if udf is active
Result: module udf is not loaded in the kernel
Hardening: assigned partial number of hardening points (2 of 3). Currently having 93 points (out of 105)
Checking permissions of /usr/share/lynis/include/tests_storage
File permissions are OK
Eu encontrei a resposta. Editar arquivo
/etc/modprobe.d/blacklist.conf
e adicione o seguinte ao final
# instruct modprobe to force inactive modules to always fail loading
install cramfs /bin/false
install freevxfs /bin/false
install hfs /bin/false
install hfsplus /bin/false
install jffs2 /bin/false
install udf /bin/false