1.4.6 Check for Unconfined Daemons

Information

Daemons that are not defined in SELinux policy will inherit the security context of their parent process.

Rationale:

Since daemons are launched and descend from the init process, they will inherit the security context label initrc_t. This can unintentionally give the process more permissions than it requires.

Solution

Investigate any unconfined daemons found during the audit action.
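
One way to list the processes to investigate, added here as an example and not taken from the benchmark or the plugin: filter `ps -eZ` output for processes whose SELinux type is exactly initrc_t. The function names and the sample process list are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the benchmark text): list processes whose SELinux
# type is initrc_t, given `ps -eZ` output on stdin.

# Print "PID<TAB>COMMAND" for each process line whose context type is initrc_t.
find_initrc_daemons() {
    awk '{
        # Context is user:role:type:level; the level may itself contain ":".
        n = split($1, ctx, ":")
        if (n < 3 || ctx[3] != "initrc_t") next
        # Columns are LABEL PID TTY TIME CMD; rejoin a CMD containing spaces.
        cmd = $5
        for (i = 6; i <= NF; i++) cmd = cmd " " $i
        printf "%s\t%s\n", $2, cmd
    }'
}

# Constructed sample of `ps -eZ` output (not captured from a real host).
sample_ps_output() {
    cat <<'EOF'
LABEL                             PID TTY          TIME CMD
system_u:system_r:init_t:s0         1 ?        00:00:02 systemd
system_u:system_r:sshd_t:s0-s0:c0.c1023 812 ?  00:00:00 sshd
system_u:system_r:initrc_t:s0    1450 ?        00:00:07 customd
system_u:system_r:initrc_t:s0    1502 ?        00:00:00 legacy agent
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 2210 pts/0 00:00:00 bash
EOF
}

# Count the flagged processes; zero means nothing to investigate.
count_initrc_daemons() {
    find_initrc_daemons | wc -l | tr -d ' '
}

# Demo on the sample; on a live SELinux host use: ps -eZ | find_initrc_daemons
sample_ps_output | find_initrc_daemons
```

Matching on the type field avoids false hits from process names or user and role fields that merely contain the string "initrc".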

Default Value:

OS Default: No

See Also

https://workbench.cisecurity.org/files/3096

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-4, CSCv7|9.2

Plugin: Unix

Control ID: e391b9fff7887c60fca2145cb276efc805c80c68e1b17f8293028ab329beb6d9