UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The /etc/news/incoming.conf (or equivalent) must have mode 0600 or less permissive.


Overview

Finding ID Version Rule ID IA Controls Severity
V-4273 GEN006260 SV-37901r1_rule ECLP-1 Medium
Description
Excessive permissions on the "incoming.conf" file may allow unauthorized modification which could lead to Denial-of-Service to authorized users or provide access to unauthorized users.
STIG Date
Red Hat Enterprise Linux 5 Security Technical Implementation Guide 2012-05-25

Details

Check Text ( C-37127r1_chk )
RHEL uses the InternetNewsDaemon (innd) news server. The file corresponding to "/etc/news/hosts.nntp" is "/etc/news/incoming.conf". Check the permissions for "/etc/news/incoming.conf".

# ls -lL /etc/news/incoming.conf

If "/etc/news/incoming.conf" has a mode more permissive than 0600, this is a finding.

Fix Text (F-32395r1_fix)
Change the mode of the "/etc/news/incoming.conf" file to 0600.

# chmod 0600 /etc/news/incoming.conf