UCF STIG Viewer Logo

The inetd.conf and xinetd.conf files must not have extended ACLs.


Overview

Finding ID Version Rule ID IA Controls Severity
V-22424 GEN003745 SV-35073r1_rule ECLP-1 Medium
Description
The Internet service daemon configuration files must be protected as malicious modification could cause Denial of Service or increase the attack surface of the system.
STIG Date
HP-UX 11.23 Security Technical Implementation Guide 2015-12-02

Details

Check Text ( C-36526r2_chk )
Check the permissions of the inetd configuration file.
# find / -type f \( -name inetd.conf -o -name xinetd.conf \) | xargs -n1 ls -lL

If the permissions include a "+", the file has an extended ACL, this is a finding.
Fix Text (F-31887r1_fix)
Remove the optional ACL from the file.
# chacl -z