GEN003920 - The hosts.lpd (or equivalent) file must be owned by root, bin, sys, or lp

Information

Failure to give ownership of the hosts.lpd file to root, bin, sys, or lp provides the designated owner, and possible unauthorized users, with the potential to modify the hosts.lpd file. Unauthorized modifications could disrupt access to local printers from authorized remote hosts or permit unauthorized remote access to local printers.

Solution

Change the owner of the /etc/hosts.lpd file (or equivalent, such as /etc/lp/Systems) to root, lp, or another privileged UID. Consult vendor documentation to determine the name and location of print service configuration files.
Procedure:
# chown root /etc/hosts.lpd

See Also

http://iasecontent.disa.mil/stigs/zip/U_STIG_Library_2015_07.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6, CAT|II, CCI|CCI-000225, Rule-ID|SV-828r2_rule, STIG-ID|GEN003920, Vuln-ID|V-828

Plugin: Unix

Control ID: 0c022e7b53fbad7c6b7c1bd081cf010786198104809b2dfd099258a4b24ec47a