diff --git a/debian8/templates/csv/mount_options.csv b/debian8/templates/csv/mount_options.csv

index 6e00a922cc..c85df506af 100644

--- a/debian8/templates/csv/mount_options.csv

+++ b/debian8/templates/csv/mount_options.csv

@@ -19,4 +19,3 @@

 /tmp,nodev

 /tmp,nosuid

 /usr,nodev

-/var/tmp,bind

diff --git a/fedora/templates/csv/mount_options.csv b/fedora/templates/csv/mount_options.csv

index 6bbdea38f9..9f4361a7f4 100644

--- a/fedora/templates/csv/mount_options.csv

+++ b/fedora/templates/csv/mount_options.csv

@@ -12,5 +12,4 @@

 /tmp,nodev

 /tmp,noexec

 /tmp,nosuid

-/var/tmp,bind

diff --git a/shared/fixes/bash/mount_option_var_tmp_bind.sh

new file mode 100644

index 0000000000..1466eff5f5

--- /dev/null

+++ b/shared/fixes/bash/mount_option_var_tmp_bind.sh

@@ -0,0 +1,17 @@

+# platform = multi_platform_rhel,multi_platform_fedora

+

+. /usr/share/scap-security-guide/remediation_functions

+

+# Delete particular /etc/fstab's row if /var/tmp is already configured to

+# represent a mount point (for some device or filesystem other than /tmp)

+if grep -q -P '.*\/var\/tmp.*' /etc/fstab

+then

+  sed -i '/.*\/var\/tmp.*/d' /etc/fstab

+fi

+umount /var/tmp

+

+# Bind-mount /var/tmp to /tmp via /etc/fstab (preserving the /etc/fstab form)

+printf "%-24s%-24s%-8s%-32s%-3s\n" "/tmp" "/var/tmp" "none" "rw,nodev,noexec,nosuid,bind" "0 0" >> /etc/fstab

+

+mkdir -p /var/tmp

+mount -B /tmp /var/tmp

diff --git a/shared/checks/oval/mount_option_var_tmp_bind.xml

new file mode 100644

index 0000000000..7280364cfa

--- /dev/null

+++ b/shared/checks/oval/mount_option_var_tmp_bind.xml

@@ -0,0 +1,85 @@

+<def-group>

+  <definition class="compliance" id="mount_option_var_tmp_bind" version="1">

+    <metadata>

+      <title>Bind Mount /var/tmp To /tmp</title>

+      <affected family="unix">

+        <platform>multi_platform_all</platform>

+      </affected>

+      <description>The /var/tmp directory should be bind mounted to /tmp in

+      order to consolidate temporary storage into one location protected by the

+      same techniques as /tmp.</description>

+    </metadata>

+    <criteria operator="AND">

+      

+      test_ref="test_configure_mount_option_var_tmp_bind_tmp" />

+      

+      test_ref="test_mount_option_var_tmp" />

+      <criteria operator="OR">

+        

+        test_ref="test_mount_option_var_tmp_bind" />

+        

+        test_ref="test_mount_option_var_tmp_bind_compare_source" />

+      </criteria>

+    </criteria>

+  </definition>

+

+  

+  comment="Ensure /var/tmp is configured to bind mount to /tmp"

+  id="test_configure_mount_option_var_tmp_bind_tmp" version="1">

+    <ind:object object_ref="object_configure_mount_option_var_tmp_bind_tmp" />

+  </ind:textfilecontent54_test>

+  

+  id="object_configure_mount_option_var_tmp_bind_tmp" version="1">

+    <ind:filepath>/etc/fstab</ind:filepath>

+    <ind:pattern operation="pattern match">^[\s]*/tmp[\s]+/var/tmp[\s]+.*bind.*$</ind:pattern>

+    <ind:instance datatype="int" operation="greater than or equal">1</ind:instance>

+  </ind:textfilecontent54_object>

+

+  

+  comment="Ensure /var/tmp is mounted" check="all">

+    <linux:object object_ref="object_mount_option_var_tmp" />

+  </linux:partition_test>

+  <linux:partition_object id="object_mount_option_var_tmp" version="1">

+    <linux:mount_point operation="pattern match">/var/tmp</linux:mount_point>

+  </linux:partition_object>

+

+  

+       the bind mount option. As a result, the less elegant textfilecontent54_test

+       is required here. -->

+

+  

+  comment="Ensure bind mount option is on /var/tmp"

+  id="test_mount_option_var_tmp_bind" version="1">

+    <ind:object object_ref="object_mount_option_var_tmp_bind" />

+  </ind:textfilecontent54_test>

+  

+  id="object_mount_option_var_tmp_bind" version="1">

+    <ind:filepath>/etc/mtab</ind:filepath>

+    <ind:pattern operation="pattern match">^[\s]*/tmp[\s]+/var/tmp[\s]+.*bind.*$</ind:pattern>

+    <ind:instance datatype="int" operation="greater than or equal">1</ind:instance>

+  </ind:textfilecontent54_object>

+

+  

+       about binded mounts anymore. An alternative is to check if

+       /tmp and /var/tmp have the same source device -->

+

+  

+  comment="Ensure /var/tmp and /tmp have the same source device" check="all">

+    <linux:object object_ref="object_mount_option_var_tmp_bind_compare_source" />

+    <linux:state state_ref="state_mount_option_var_tmp_bind_compare_source" />

+  </linux:partition_test>

+  <linux:partition_object id="object_mount_option_var_tmp_bind_compare_source" version="1">

+    <linux:mount_point operation="pattern match">/tmp</linux:mount_point>

+  </linux:partition_object>

+  <linux:partition_state id="state_mount_option_var_tmp_bind_compare_source" version="1">

+    

+    operation="equals" var_ref="var_mount_option_var_tmp_bind_var_tmp_source_device"/>

+  </linux:partition_state>

+

+  

+  id="var_mount_option_var_tmp_bind_var_tmp_source_device" version="1">

+    

+    object_ref="object_mount_option_var_tmp" />

+  </local_variable>

+

+</def-group>

diff --git a/ol7/templates/csv/mount_options.csv b/ol7/templates/csv/mount_options.csv

index 2f0aa49f0d..122198b57a 100644

--- a/ol7/templates/csv/mount_options.csv

+++ b/ol7/templates/csv/mount_options.csv

@@ -1,3 +1,2 @@

 /dev/shm,nodev

 /dev/shm,nosuid

-/var/tmp,bind

diff --git a/opensuse/templates/csv/mount_options.csv b/opensuse/templates/csv/mount_options.csv

deleted file mode 100644

index e024d02571..0000000000

--- a/opensuse/templates/csv/mount_options.csv

+++ /dev/null

@@ -1,9 +0,0 @@

-# format:

-# <mount_point>,<mount_option>[,create_fstab_entry_if_needed]

-# - mount point mounted with specified option. for more than

-#     one option, use multiple lines with the same <mount_point>, use the 

-#     variable name (i.e. name beginning with var_, without the leading

-#     '$' to reference a variable, e.g. var_removable_partition,nodev)

-#  If the remediation can create (i.e. not just modify) an /etc/fstab line,

-#  add the 'create_fstab_entry_if_needed' literal string as the third argument.

-/var/tmp,bind

diff --git a/rhel-osp7/templates/csv/mount_options.csv b/rhel-osp7/templates/csv/mount_options.csv

deleted file mode 100644

index e024d02571..0000000000

--- a/rhel-osp7/templates/csv/mount_options.csv

+++ /dev/null

@@ -1,9 +0,0 @@

-# format:

-# <mount_point>,<mount_option>[,create_fstab_entry_if_needed]

-# - mount point mounted with specified option. for more than

-#     one option, use multiple lines with the same <mount_point>, use the 

-#     variable name (i.e. name beginning with var_, without the leading

-#     '$' to reference a variable, e.g. var_removable_partition,nodev)

-#  If the remediation can create (i.e. not just modify) an /etc/fstab line,

-#  add the 'create_fstab_entry_if_needed' literal string as the third argument.

-/var/tmp,bind

diff --git a/rhel6/templates/csv/mount_options.csv b/rhel6/templates/csv/mount_options.csv

index ebf6bba9df..de0056e08c 100644

--- a/rhel6/templates/csv/mount_options.csv

+++ b/rhel6/templates/csv/mount_options.csv

@@ -12,4 +12,3 @@

 /tmp,nodev

 /tmp,noexec

 /tmp,nosuid

-/var/tmp,bind

diff --git a/rhel7/templates/csv/mount_options.csv b/rhel7/templates/csv/mount_options.csv

index f5d9ed8cea..f9a3bc73dd 100644

--- a/rhel7/templates/csv/mount_options.csv

+++ b/rhel7/templates/csv/mount_options.csv

@@ -19,4 +19,3 @@

 /var/tmp,nodev

 /var/tmp,noexec

 /var/tmp,nosuid

-/var/tmp,bind

diff --git a/sle11/templates/csv/mount_options.csv b/sle11/templates/csv/mount_options.csv

deleted file mode 100644

index e024d02571..0000000000

--- a/sle11/templates/csv/mount_options.csv

+++ /dev/null

@@ -1,9 +0,0 @@

-# format:

-# <mount_point>,<mount_option>[,create_fstab_entry_if_needed]

-# - mount point mounted with specified option. for more than

-#     one option, use multiple lines with the same <mount_point>, use the 

-#     variable name (i.e. name beginning with var_, without the leading

-#     '$' to reference a variable, e.g. var_removable_partition,nodev)

-#  If the remediation can create (i.e. not just modify) an /etc/fstab line,

-#  add the 'create_fstab_entry_if_needed' literal string as the third argument.

-/var/tmp,bind

diff --git a/sle12/templates/csv/mount_options.csv b/sle12/templates/csv/mount_options.csv

index 759e51b0fe..b2df6c9f08 100644

--- a/sle12/templates/csv/mount_options.csv

+++ b/sle12/templates/csv/mount_options.csv

@@ -17,4 +17,3 @@

 /var/tmp,nodev

 /var/tmp,noexec

 /var/tmp,nosuid

-/var/tmp,bind

diff --git a/tests/data/group_system/group_permissions/group_partitions/partition.sh b/tests/data/group_system/group_permissions/group_partitions/partition.sh

index 333a574f5e..f74a98b5b3 100644

--- a/tests/data/group_system/group_permissions/group_partitions/partition.sh

+++ b/tests/data/group_system/group_permissions/group_partitions/partition.sh

@@ -8,16 +8,21 @@ create_partition() {

 }

 # $1: The mount point

-# $2: The additional mount options

+# $2: The type of file system

+# $3: The additional mount options

 make_fstab_given_partition_line() {

-	local _mount_point="$1" _additional_mount_options="$2"

+	local _mount_point="$1" _type="$2" _additional_mount_options="$3"

 	test -z "$_additional_mount_options" || _additional_mount_options=",$_additional_mount_options"

-	printf "%s     %s     ext2     rw%s     0 0\n" "$PARTITION" "$_mount_point" "$_additional_mount_options" > /etc/fstab

+	printf "%s     %s     %s     rw%s     0 0\n" "$PARTITION" "$_mount_point" "$_type" "$_additional_mount_options" >> /etc/fstab

 }

 # $1: The mount point

 make_fstab_correct_partition_line() {

-	make_fstab_given_partition_line "$1" "nodev,noexec,nosuid"

+	make_fstab_given_partition_line "$1" "ext2" "nodev,noexec,nosuid"

+}

+

+make_fstab_bind_partition_line() {

+	make_fstab_given_partition_line "$1" "none" "nodev,noexec,nosuid,bind"

 }

 # $1: The mount point

@@ -28,5 +33,13 @@ mount_partition() {

 mount_bind_partition() {

 	mkdir -p "$1"

-	mount --target -B "$1"

+	mount -B "$PARTITION" "$1"

+}

+

+# $1: The path to umount and remove from /etc/fstab

+clean_up_partition() {

+    path="$1"

+    escaped_path=${path//$'/'/$'\/'}

+    sed -i "/${escaped_path}/d" /etc/fstab

+    umount ${path} || true  # no problem if not mounted

 }

diff --git a/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_home_nosuid/fstab.fail.sh b/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_home_nosuid/fstab.fail.sh

index 498f44911f..0cc19818d9 100644

--- a/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_home_nosuid/fstab.fail.sh

+++ b/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_home_nosuid/fstab.fail.sh

@@ -7,6 +7,6 @@ umount /home || true  # no problem if not mounted

 create_partition

-make_fstab_given_partition_line /home nodev

+make_fstab_given_partition_line /home ext2 nodev

 mount_partition /home

diff --git a/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_tmp_noexec/fstab.fail.sh b/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_tmp_noexec/fstab.fail.sh

index 3128ad2aee..62d36b718a 100644

--- a/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_tmp_noexec/fstab.fail.sh

+++ b/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_tmp_noexec/fstab.fail.sh

@@ -5,6 +5,6 @@

 create_partition

-make_fstab_given_partition_line /tmp nodev

+make_fstab_given_partition_line /tmp ext2 nodev

 mount_partition /tmp

diff --git a/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_var_tmp_bind/configured_and_mounted.pass.sh b/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_var_tmp_bind/configured_and_mounted.pass.sh

new file mode 100644

index 0000000000..ad3c5d4f50

--- /dev/null

+++ b/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_var_tmp_bind/configured_and_mounted.pass.sh

@@ -0,0 +1,13 @@

+#!/bin/bash

+# profiles = xccdf_org.ssgproject.content_profile_C2S

+

+. ../partition.sh

+

+# Make sure scenario preparation starts from a clean state

+clean_up_partition /var/tmp

+

+# Redefine PARTITION variable defined in partition.sh

+PARTITION="/tmp"

+make_fstab_bind_partition_line /var/tmp

+

+mount_bind_partition /var/tmp

diff --git a/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_var_tmp_bind/just_configured.fail.sh b/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_var_tmp_bind/just_configured.fail.sh

new file mode 100644

index 0000000000..87e7fc9726

--- /dev/null

+++ b/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_var_tmp_bind/just_configured.fail.sh

@@ -0,0 +1,11 @@

+#!/bin/bash

+# profiles = xccdf_org.ssgproject.content_profile_C2S

+

+. ../partition.sh

+

+# Make sure scenario preparation starts from a clean state

+clean_up_partition /var/tmp

+

+# Redefine PARTITION variable defined in partition.sh

+PARTITION="/tmp"

+make_fstab_bind_partition_line /var/tmp

diff --git a/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_var_tmp_bind/just_mounted.fail.sh b/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_var_tmp_bind/just_mounted.fail.sh

new file mode 100644

index 0000000000..d1bcb5a220

--- /dev/null

+++ b/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_var_tmp_bind/just_mounted.fail.sh

@@ -0,0 +1,10 @@

+#!/bin/bash

+# profiles = xccdf_org.ssgproject.content_profile_C2S

+

+. ../partition.sh

+

+# Make sure scenario preparation starts from a clean state

+clean_up_partition /var/tmp

+

+# just mount the partition

+mount -B /tmp /var/tmp

diff --git a/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_var_tmp_bind/separated_and_mounted.fail.sh b/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_var_tmp_bind/separated_and_mounted.fail.sh

new file mode 100644

index 0000000000..e315c54293

--- /dev/null

+++ b/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_var_tmp_bind/separated_and_mounted.fail.sh

@@ -0,0 +1,14 @@

+#!/bin/bash

+# profiles = xccdf_org.ssgproject.content_profile_C2S

+

+. ../partition.sh

+

+# Make sure scenario preparation starts from a clean state

+clean_up_partition /var/tmp

+

+# by default /tmp is already configured and mounted

+

+# Redefine PARTITION

+mkdir -p "$PARTITION"

+make_fstab_bind_partition_line /var/tmp

+mount_bind_partition /var/tmp

diff --git a/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_var_tmp_bind/wrong_bind.fail.sh b/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_var_tmp_bind/wrong_bind.fail.sh

new file mode 100644

index 0000000000..6ec7d6cdea

--- /dev/null

+++ b/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_var_tmp_bind/wrong_bind.fail.sh

@@ -0,0 +1,13 @@

+#!/bin/bash

+# profiles = xccdf_org.ssgproject.content_profile_C2S

+

+. ../partition.sh

+

+# Make sure scenario preparation starts from a clean state

+clean_up_partition /var/tmp

+

+# PARTITION is defined in partition.sh

+mkdir -p "$PARTITION"

+make_fstab_bind_partition_line /var/tmp

+

+mount_bind_partition /var/tmp

diff --git a/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_var_tmp_noexec/fstab.fail.sh b/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_var_tmp_noexec/fstab.fail.sh

index 37bc6e9881..431636bd13 100644

--- a/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_var_tmp_noexec/fstab.fail.sh

+++ b/tests/data/group_system/group_permissions/group_partitions/rule_mount_option_var_tmp_noexec/fstab.fail.sh

@@ -5,6 +5,6 @@

 create_partition

-make_fstab_given_partition_line /var/tmp nodev

+make_fstab_given_partition_line /var/tmp ext2 nodev

 mount_partition /var/tmp

diff --git a/ubuntu1404/templates/csv/mount_options.csv b/ubuntu1404/templates/csv/mount_options.csv

index 6e00a922cc..c85df506af 100644

--- a/ubuntu1404/templates/csv/mount_options.csv

+++ b/ubuntu1404/templates/csv/mount_options.csv

@@ -19,4 +19,3 @@

 /tmp,nodev

 /tmp,nosuid

 /usr,nodev

-/var/tmp,bind

diff --git a/ubuntu1604/templates/csv/mount_options.csv b/ubuntu1604/templates/csv/mount_options.csv

index 6e00a922cc..c85df506af 100644

--- a/ubuntu1604/templates/csv/mount_options.csv

+++ b/ubuntu1604/templates/csv/mount_options.csv

@@ -19,4 +19,3 @@

 /tmp,nodev

 /tmp,nosuid

 /usr,nodev

-/var/tmp,bind

diff --git a/wrlinux/templates/csv/mount_options.csv b/wrlinux/templates/csv/mount_options.csv

index 6bbdea38f9..9f4361a7f4 100644

--- a/wrlinux/templates/csv/mount_options.csv

+++ b/wrlinux/templates/csv/mount_options.csv

@@ -12,5 +12,4 @@

 /tmp,nodev

 /tmp,noexec

 /tmp,nosuid

-/var/tmp,bind