Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-207564 | BIND-9X-001111 | SV-207564r612253_rule | Medium |
Description |
---|
Incorrect ownership of a TSIG key file could allow an adversary to modify the file, thus defeating the security objective. |
STIG | Date |
---|---|
BIND 9.x Security Technical Implementation Guide | 2021-06-23 |
Check Text ( C-7819r283746_chk ) |
---|
With the assistance of the DNS Administrator, identify all of the TSIG keys used by the BIND 9.x implementation. Identify the account that the "named" process is running as: # ps -ef | grep named named 3015 1 0 12:59 ? 00:00:00 /usr/sbin/named -u named -t /var/named/chroot With the assistance of the DNS Administrator, determine the location of the TSIG keys used by the BIND 9.x implementation. # ls –al -rw-------. 1 named named 76 May 10 20:35 tsig-example.key If any of the TSIG keys are not group owned by the above account, this is a finding. |
Fix Text (F-7819r283747_fix) |
---|
Change the group ownership of the TSIG keys to the named process group. # chgrp |