Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-821 | GEN003720 | SV-64233r1_rule | ECLP-1 | Medium |
Description |
---|
Failure to give ownership of sensitive files or utilities to root provides the designated owner and unauthorized users with the potential to access sensitive information or change the system configuration possibly weakening the system's security posture. |
STIG | Date |
---|---|
Oracle Linux 5 Security Technical Implementation Guide | 2015-03-26 |
Check Text ( C-52687r1_chk ) |
---|
Check the owner of the xinetd configuration files. Procedure: # ls -lL /etc/xinetd.conf # ls -laL /etc/xinetd.d This is a finding if any of the above files or directories are not owned by root or bin. |
Fix Text (F-54843r2_fix) |
---|
Change the owner of the xinetd configuration files. # chown root /etc/xinetd.conf /etc/xinetd.d/* |