Rules like <a href="https://cisofy.com/lynis/controls/HRDN-7222/" rel="nofollow">https://cisofy.com/lynis/controls/HRDN-7222/</a> make me think the whole thing is snake oil. There is <i>zero</i> security benefit to making publicly-available compilers not be world-readable.
Rules like <a href="https://cisofy.com/lynis/controls/AUTH-9282/" rel="nofollow">https://cisofy.com/lynis/controls/AUTH-9282/</a> are something that NIST calls outdated and dangerous password practice, but foreign security bodies mandate. Go figure.<p>Also, the suggestion from <a href="https://cisofy.com/lynis/controls/NAME-4404/" rel="nofollow">https://cisofy.com/lynis/controls/NAME-4404/</a> is just wrong on systems with nss_myhostname (from systemd) configured.