I would like to ask you some questions regarding the Standard System Security Profile for Fedora hardening settings through OpenSCAP.
Based on the information given, it seems that the current configuration settings are not applicable for Fedora 41. In this regard, when could we reasonably expect the hardening settings for Fedora 41?
Regarding the above-mentioned standard security baseline of a Fedora system, would it be possible to share more information, how strict are those hardening rules? Fedora is the main OS on my computer and I use it mainly for science-related programming (JupyterLabs, Pycharm, Octave, Rstudio, VSCodium), by working with TeXstudio, Zettlr, Zotero as well as running some virtual machines (mainly Windows 10 and 11 through GNOME Boxes and Virtual Machine Manager). Would it be reasonable to expect any issues if I implement the OpenSCAP Fedora hardening settings? Many thanks! Cheers!
We can still use the OpenSCAP profiles through complyctl + complyctl-openscap-plugin. This simplifies the user experience with a technology agnostic user interface while allowing to transparently use a combination of the best underlying technologies as soon as more plugins are available.
With complyctl you can also easily customize your Assessment Plan if any default rule in a framework can impact your development environment. I would recommend you to give a try and also join us to collaborate in these projects.