WA00530 A22 - The process ID (PID) file must be properly secured - config

Information

The PidFile directive sets the file path to the process ID file to which the server records the process id of the server, which is useful for sending a signal to the server process or for checking on the health of the process. If the PidFile is placed in a writable directory, other accounts could create a denial of service attack and prevent the server from starting by creating a PID file with the same name.

Solution

Modify the location, permissions, and/or ownership for the PID file folder.

See Also

https://iasecontent.disa.mil/stigs/zip/U_Apache_2-2_UNIX_V1R11_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|II, Rule-ID|SV-33222r1_rule, STIG-ID|WA00530_A22, Vuln-ID|V-26305

Plugin: Unix

Control ID: 4a37c699d0c6ac33c0c6be3c76af7d153b7cf1e70179676b8ef95a9ed977a842