GEN003920 - The hosts.lpd (or equivalent) file must be owned by root - /etc/printers.conf

Information

Failure to give ownership of the hosts.lpd file to root provides the designated owner, and possible unauthorized users, with the potential to modify the hosts.lpd file. Unauthorized modifications could disrupt access to local printers from authorized remote hosts or permit unauthorized remote access to local printers.

Solution

Change the owner of the print service configuration files.
Procedure:

# chown root /etc/apache/httpd-standalone-ipp.conf /etc/printers.conf /etc/sfw/smb.conf

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SOL_10_SPARC_V2R4_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-3(4), CAT|II, CCI|CCI-002165, Rule-ID|SV-227079r854456_rule, STIG-ID|GEN003920, STIG-Legacy|SV-37455, STIG-Legacy|V-828, Vuln-ID|V-227079

Plugin: Unix

Control ID: 6842fe7f3ec9d6e915f898eeee9151226d682620a750d872a6833e0ca4fabd80