3.3.4 Ensure permissions on /etc/hosts.allow are configured

Information

The /etc/hosts.allow file contains networking information that is used by many
applications and therefore must be readable for these applications to operate.

Rationale:

It is critical to ensure that the /etc/hosts.allow file is protected from unauthorized write
access. Although it is protected by default, the file permissions could be changed either
inadvertently or through malicious actions.

Solution

Run the following commands to set permissions on /etc/hosts.allow:

# chown root:root /etc/hosts.allow
# chmod 644 /etc/hosts.allow

See Also

https://workbench.cisecurity.org/files/2420

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, CSCv6|5.1, CSCv7|5.1

Plugin: Unix

Control ID: 231eb537266ec2faa76956398894bf1fa29f7f191be01be3179fec0a3bb91030