UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The /etc/news/incoming.conf (or equivalent) must have mode 0600 or less permissive.


Overview

Finding ID Version Rule ID IA Controls Severity
V-4273 GEN006260 SV-46143r1_rule Medium
Description
Excessive permissions on the "incoming.conf" file may allow unauthorized modification which could lead to Denial-of-Service to authorized users or provide access to unauthorized users.
STIG Date
SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide 2018-09-19

Details

Check Text ( C-43404r1_chk )
SUSE ships the InternetNewsDaemon (innd) news server. The file corresponding to "/etc/news/hosts.nntp" is "/etc/news/incoming.conf". Check the permissions for "/etc/news/incoming.conf".

# ls -lL /etc/news/incoming.conf

If "/etc/news/incoming.conf" has a mode more permissive than 0600, this is a finding.
Fix Text (F-39486r1_fix)
Change the mode of the "/etc/news/incoming.conf" file to 0600.

# chmod 0600 /etc/news/incoming/conf