3.4.4 Ensure permissions on /etc/hosts.allow are configured

Information

The /etc/hosts.allow file contains networking information that is used by many applications and therefore must be readable for these applications to operate.

Rationale:

It is critical to ensure that the /etc/hosts.allow file is protected from unauthorized write access. Although it is protected by default, the file permissions could be changed either inadvertently or through malicious actions.

Solution

Run the following commands to set permissions on /etc/hosts.allow :

# chown root:root /etc/hosts.allow
# chmod 644 /etc/hosts.allow

See Also

https://workbench.cisecurity.org/files/3738

Item Details

Category: ACCESS CONTROL, MEDIA PROTECTION

References: 800-53|AC-3, 800-53|AC-5, 800-53|AC-6, 800-53|MP-2, CSCv7|14.6

Plugin: Unix

Control ID: 0c345959d9929a7ad523eef0e374ff9cae91a6cf5e9413b3f0b6067abde5dc45