6.3 Disable 'nobody' Access for RPC Encryption Key Storage Service - Check if 'ENABLE_NOBODY_KEYS' is set to NO.

Information

The keyserv process, if enabled, stores user keys that are utilized with Sun's Secure RPC mechanism.

Solution

Perform the following to implement the recommended state-
cd /etc/default
awk '/ENABLE_NOBODY_KEYS=/ { $1 = 'ENABLE_NOBODY_KEYS=NO' } { print }' keyserv >keyserv.new
mv keyserv.new keyserv
pkgchk -f -n -p /etc/default/keyserv

See Also

https://workbench.cisecurity.org/files/614

Item Details

Category: CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|CM-6b., 800-53|SC-12, CSCv6|3.1

Plugin: Unix

Control ID: d5883543b4f6b9f934e4b41c150e12dffb22f9478d25fd9852774f281445af08