rpms / scap-security-guide

Clone
Source Code
GIT

Files

  1.   dac76ab332cb6f7ca5cdbec311d2754a26f6d91e
  2.   SOURCES
  3.   scap-security-guide-0.1.50-add_rules_etc_hosts_file_permissions_PR_5323.patch
Blob Blame History Raw 
From af42925709b8cd1512fea9e4c532fb22ada45fe3 Mon Sep 17 00:00:00 2001
From: Watson Sato <wsato@redhat.com>
Date: Fri, 20 Mar 2020 14:33:53 +0100
Subject: [PATCH 1/4] Rules for /etc/hosts.allow permissions and owner

---
 .../file_groupowner_etc_hosts_allow/rule.yml  | 34 +++++++++++++++++++
 .../file_owner_etc_hosts_allow/rule.yml       | 34 +++++++++++++++++++
 .../file_permissions_etc_hosts_allow/rule.yml | 34 +++++++++++++++++++
 rhel7/profiles/cis.profile                    |  4 +++
 shared/references/cce-redhat-avail.txt        |  6 ----
 5 files changed, 106 insertions(+), 6 deletions(-)
 create mode 100644 linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_allow/rule.yml
 create mode 100644 linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_allow/rule.yml
 create mode 100644 linux_os/guide/services/obsolete/inetd_and_xinetd/file_permissions_etc_hosts_allow/rule.yml

diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_allow/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_allow/rule.yml
new file mode 100644
index 0000000000..7d43f93c42
--- /dev/null
+++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_allow/rule.yml
@@ -0,0 +1,34 @@
+documentation_complete: true
+
+prodtype: ol7,rhel6,rhel7
+
+title: 'Verify Group Who Owns /etc/hosts.allow'
+
+description: |-
+    {{{ describe_file_group_owner(file="/etc/hosts.allow", group="root") }}}
+
+rationale: |-
+    The <tt>/etc/hosts.allow</tt> file is used to control access of clients to daemons in the
+    server. Insecure groupownership of this file could allow users to grant clients unrestricted
+    access or no access at all to services in the server.
+
+severity: medium
+
+identifiers:
+    cce@rhel7: 83823-5
+    cce@rhel8: 83824-3
+
+references:
+    cis@rhel7: 3.4.4
+
+ocil_clause: '{{{ ocil_clause_file_group_owner(file="/etc/hosts.allow", group="root") }}}'
+
+ocil: |-
+    {{{ ocil_file_group_owner(file="/etc/hosts.allow", group="root") }}}
+
+template:
+    name: file_groupowner
+    vars:
+        filepath: /etc/hosts.allow
+        filegid: '0'
+        missing_file_pass: 'true'
diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_allow/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_allow/rule.yml
new file mode 100644
index 0000000000..a301406b45
--- /dev/null
+++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_allow/rule.yml
@@ -0,0 +1,34 @@
+documentation_complete: true
+
+prodtype: ol7,rhel6,rhel7
+
+title: 'Verify User Who Owns /etc/hosts.allow'
+
+description: |-
+    {{{ describe_file_owner(file="/etc/hosts.allow", owner="root") }}}
+
+rationale: |-
+    The <tt>/etc/hosts.allow</tt> file is used to control access of clients to daemons in the
+    server. Insecure groupownership of this file could allow users to grant clients unrestricted
+    access or no access at all to services in the server.
+
+severity: medium
+
+identifiers:
+    cce@rhel7: 83825-0
+    cce@rhel8: 83826-8
+
+references:
+    cis@rhel7: 3.4.4
+
+ocil_clause: '{{{ ocil_clause_file_owner(file="/etc/hosts.allow", owner="root") }}}'
+
+ocil: |-
+    {{{ ocil_file_owner(file="/etc/hosts.allow", owner="root") }}}
+
+template:
+    name: file_owner
+    vars:
+        filepath: /etc/hosts.allow
+        fileuid: '0'
+        missing_file_pass: 'true'
diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_permissions_etc_hosts_allow/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_permissions_etc_hosts_allow/rule.yml
new file mode 100644
index 0000000000..0a35cbf57e
--- /dev/null
+++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_permissions_etc_hosts_allow/rule.yml
@@ -0,0 +1,34 @@
+documentation_complete: true
+
+prodtype: ol7,rhel6,rhel7
+
+title: 'Verify Permissions on /etc/hosts.allow'
+
+description: |-
+    {{{ describe_file_permissions(file="/etc/hosts.allow", perms="0644") }}}
+
+rationale: |-
+    The <tt>/etc/hosts.allow</tt> file is used to control access of clients to daemons in the
+    server. Insecure groupownership of this file could allow users to grant clients unrestricted
+    access or no access at all to services in the server.
+
+severity: medium
+
+identifiers:
+    cce@rhel7: 83827-6
+    cce@rhel8: 83828-4
+
+references:
+    cis@rhel7: 3.4.4
+
+ocil_clause: '{{{ ocil_clause_file_permissions(file="/etc/hosts.allow", perms="-rw-r--r--") }}}'
+
+ocil: |-
+    {{{ ocil_file_permissions(file="/etc/hosts.allow", perms="-rw-r--r--") }}}
+
+template:
+    name: file_permissions
+    vars:
+        filepath: /etc/hosts.allow
+        filemode: '0644'
+        missing_file_pass: 'true'
diff --git a/rhel7/profiles/cis.profile b/rhel7/profiles/cis.profile
index 486fcf9a33..e50d8ddb43 100644
--- a/rhel7/profiles/cis.profile
+++ b/rhel7/profiles/cis.profile
@@ -353,6 +353,10 @@ selections:
     - configure_etc_hosts_deny
 
     ### 3.4.4 Ensure permissions on /etc/hosts.allow are configured (Scored)
+    - file_owner_etc_hosts_allow
+    - file_groupowner_etc_hosts_allow
+    - file_permissions_etc_hosts_allow
+
     ### 3.4.5 Ensure permissions on /etc/hosts.deny are configured (Scored)
 
     ## 3.5 Uncommon Network Protocols
diff --git a/shared/references/cce-redhat-avail.txt b/shared/references/cce-redhat-avail.txt
index a0b117a964..e67f56f9aa 100644
--- a/shared/references/cce-redhat-avail.txt
+++ b/shared/references/cce-redhat-avail.txt
@@ -528,12 +528,6 @@ CCE-83819-3
 CCE-83820-1
 CCE-83821-9
 CCE-83822-7
-CCE-83823-5
-CCE-83824-3
-CCE-83825-0
-CCE-83826-8
-CCE-83827-6
-CCE-83828-4
 CCE-83829-2
 CCE-83830-0
 CCE-83831-8

From 0f43573a6c193e70e1ff02f92a0c2bf9957d2e1c Mon Sep 17 00:00:00 2001
From: Watson Sato <wsato@redhat.com>
Date: Fri, 20 Mar 2020 15:01:58 +0100
Subject: [PATCH 2/4] Rules for /etc/hosts.deny permissions and owner

---
 .../file_groupowner_etc_hosts_deny/rule.yml   | 34 +++++++++++++++++++
 .../file_owner_etc_hosts_deny/rule.yml        | 34 +++++++++++++++++++
 .../file_permissions_etc_hosts_deny/rule.yml  | 34 +++++++++++++++++++
 rhel7/profiles/cis.profile                    |  3 ++
 shared/references/cce-redhat-avail.txt        |  6 ----
 5 files changed, 105 insertions(+), 6 deletions(-)
 create mode 100644 linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_deny/rule.yml
 create mode 100644 linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_deny/rule.yml
 create mode 100644 linux_os/guide/services/obsolete/inetd_and_xinetd/file_permissions_etc_hosts_deny/rule.yml

diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_deny/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_deny/rule.yml
new file mode 100644
index 0000000000..db3105eb71
--- /dev/null
+++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_deny/rule.yml
@@ -0,0 +1,34 @@
+documentation_complete: true
+
+prodtype: ol7,rhel6,rhel7
+
+title: 'Verify Group Who Owns /etc/hosts.deny'
+
+description: |-
+    {{{ describe_file_group_owner(file="/etc/hosts.deny", group="root") }}}
+
+rationale: |-
+    The <tt>/etc/hosts.deny</tt> file is used to control access of clients to daemons in the
+    server. Insecure groupownership of this file could allow users to grant clients unrestricted
+    access or no access at all to services in the server.
+
+severity: medium
+
+identifiers:
+    cce@rhel7: 84030-6
+    cce@rhel8: 84031-4
+
+references:
+    cis@rhel7: 3.4.4
+
+ocil_clause: '{{{ ocil_clause_file_group_owner(file="/etc/hosts.deny", group="root") }}}'
+
+ocil: |-
+    {{{ ocil_file_group_owner(file="/etc/hosts.deny", group="root") }}}
+
+template:
+    name: file_groupowner
+    vars:
+        filepath: /etc/hosts.deny
+        filegid: '0'
+        missing_file_pass: 'true'
diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_deny/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_deny/rule.yml
new file mode 100644
index 0000000000..75380c7311
--- /dev/null
+++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_deny/rule.yml
@@ -0,0 +1,34 @@
+documentation_complete: true
+
+prodtype: ol7,rhel6,rhel7
+
+title: 'Verify User Who Owns /etc/hosts.deny'
+
+description: |-
+    {{{ describe_file_owner(file="/etc/hosts.deny", owner="root") }}}
+
+rationale: |-
+    The <tt>/etc/hosts.deny</tt> file is used to control access of clients to daemons in the
+    server. Insecure groupownership of this file could allow users to grant clients unrestricted
+    access or no access at all to services in the server.
+
+severity: medium
+
+identifiers:
+    cce@rhel7: 84032-2
+    cce@rhel8: 84033-0
+
+references:
+    cis@rhel7: 3.4.5
+
+ocil_clause: '{{{ ocil_clause_file_owner(file="/etc/hosts.deny", owner="root") }}}'
+
+ocil: |-
+    {{{ ocil_file_owner(file="/etc/hosts.deny", owner="root") }}}
+
+template:
+    name: file_owner
+    vars:
+        filepath: /etc/hosts.deny
+        fileuid: '0'
+        missing_file_pass: 'true'
diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_permissions_etc_hosts_deny/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_permissions_etc_hosts_deny/rule.yml
new file mode 100644
index 0000000000..ea73fe48cd
--- /dev/null
+++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_permissions_etc_hosts_deny/rule.yml
@@ -0,0 +1,34 @@
+documentation_complete: true
+
+prodtype: ol7,rhel6,rhel7
+
+title: 'Verify Permissions on /etc/hosts.deny'
+
+description: |-
+    {{{ describe_file_permissions(file="/etc/hosts.deny", perms="0644") }}}
+
+rationale: |-
+    The <tt>/etc/hosts.deny</tt> file is used to control access of clients to daemons in the
+    server. Insecure groupownership of this file could allow users to grant clients unrestricted
+    access or no access at all to services in the server.
+
+severity: medium
+
+identifiers:
+    cce@rhel7: 84034-8
+    cce@rhel8: 84035-5
+
+references:
+    cis@rhel7: 3.4.5
+
+ocil_clause: '{{{ ocil_clause_file_permissions(file="/etc/hosts.deny", perms="-rw-r--r--") }}}'
+
+ocil: |-
+    {{{ ocil_file_permissions(file="/etc/hosts.deny", perms="-rw-r--r--") }}}
+
+template:
+    name: file_permissions
+    vars:
+        filepath: /etc/hosts.deny
+        filemode: '0644'
+        missing_file_pass: 'true'
diff --git a/rhel7/profiles/cis.profile b/rhel7/profiles/cis.profile
index e50d8ddb43..5ac119768f 100644
--- a/rhel7/profiles/cis.profile
+++ b/rhel7/profiles/cis.profile
@@ -358,6 +358,9 @@ selections:
     - file_permissions_etc_hosts_allow
 
     ### 3.4.5 Ensure permissions on /etc/hosts.deny are configured (Scored)
+    - file_owner_etc_hosts_deny
+    - file_groupowner_etc_hosts_deny
+    - file_permissions_etc_hosts_deny
 
     ## 3.5 Uncommon Network Protocols
     ### 3.5.1 Ensure DCCP is disabled (Not Scored)
diff --git a/shared/references/cce-redhat-avail.txt b/shared/references/cce-redhat-avail.txt
index e67f56f9aa..bb234a3131 100644
--- a/shared/references/cce-redhat-avail.txt
+++ b/shared/references/cce-redhat-avail.txt
@@ -729,12 +729,6 @@ CCE-84026-4
 CCE-84027-2
 CCE-84028-0
 CCE-84029-8
-CCE-84030-6
-CCE-84031-4
-CCE-84032-2
-CCE-84033-0
-CCE-84034-8
-CCE-84035-5
 CCE-84036-3
 CCE-84037-1
 CCE-84038-9

From d53500477288c69027127257802bb42355ca7848 Mon Sep 17 00:00:00 2001
From: Watson Sato <wsato@redhat.com>
Date: Fri, 20 Mar 2020 16:08:57 +0100
Subject: [PATCH 3/4] Fix cce assignmetns and references

Rules for /etc/hosts.allow and /etc/hosts.deny apply to rhel6 and rhel7
---
 .../file_groupowner_etc_hosts_allow/rule.yml                | 4 ++--
 .../file_groupowner_etc_hosts_deny/rule.yml                 | 6 +++---
 .../inetd_and_xinetd/file_owner_etc_hosts_allow/rule.yml    | 4 ++--
 .../inetd_and_xinetd/file_owner_etc_hosts_deny/rule.yml     | 4 ++--
 .../file_permissions_etc_hosts_allow/rule.yml               | 4 ++--
 .../file_permissions_etc_hosts_deny/rule.yml                | 4 ++--
 6 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_allow/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_allow/rule.yml
index 7d43f93c42..aa531e6ace 100644
--- a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_allow/rule.yml
+++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_allow/rule.yml
@@ -15,8 +15,8 @@ rationale: |-
 severity: medium
 
 identifiers:
-    cce@rhel7: 83823-5
-    cce@rhel8: 83824-3
+    cce@rhel6: 83823-5
+    cce@rhel7: 83824-3
 
 references:
     cis@rhel7: 3.4.4
diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_deny/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_deny/rule.yml
index db3105eb71..fa024f1c27 100644
--- a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_deny/rule.yml
+++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_deny/rule.yml
@@ -15,11 +15,11 @@ rationale: |-
 severity: medium
 
 identifiers:
-    cce@rhel7: 84030-6
-    cce@rhel8: 84031-4
+    cce@rhel6: 84030-6
+    cce@rhel7: 84031-4
 
 references:
-    cis@rhel7: 3.4.4
+    cis@rhel7: 3.4.5
 
 ocil_clause: '{{{ ocil_clause_file_group_owner(file="/etc/hosts.deny", group="root") }}}'
 
diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_allow/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_allow/rule.yml
index a301406b45..80d5630c48 100644
--- a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_allow/rule.yml
+++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_allow/rule.yml
@@ -15,8 +15,8 @@ rationale: |-
 severity: medium
 
 identifiers:
-    cce@rhel7: 83825-0
-    cce@rhel8: 83826-8
+    cce@rhel6: 83825-0
+    cce@rhel7: 83826-0
 
 references:
     cis@rhel7: 3.4.4
diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_deny/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_deny/rule.yml
index 75380c7311..2fc5f74355 100644
--- a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_deny/rule.yml
+++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_deny/rule.yml
@@ -15,8 +15,8 @@ rationale: |-
 severity: medium
 
 identifiers:
-    cce@rhel7: 84032-2
-    cce@rhel8: 84033-0
+    cce@rhel6: 84032-2
+    cce@rhel7: 84033-0
 
 references:
     cis@rhel7: 3.4.5
diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_permissions_etc_hosts_allow/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_permissions_etc_hosts_allow/rule.yml
index 0a35cbf57e..dc1560852a 100644
--- a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_permissions_etc_hosts_allow/rule.yml
+++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_permissions_etc_hosts_allow/rule.yml
@@ -15,8 +15,8 @@ rationale: |-
 severity: medium
 
 identifiers:
-    cce@rhel7: 83827-6
-    cce@rhel8: 83828-4
+    cce@rhel6: 83827-6
+    cce@rhel7: 83828-4
 
 references:
     cis@rhel7: 3.4.4
diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_permissions_etc_hosts_deny/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_permissions_etc_hosts_deny/rule.yml
index ea73fe48cd..da806139ec 100644
--- a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_permissions_etc_hosts_deny/rule.yml
+++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_permissions_etc_hosts_deny/rule.yml
@@ -15,8 +15,8 @@ rationale: |-
 severity: medium
 
 identifiers:
-    cce@rhel7: 84034-8
-    cce@rhel8: 84035-5
+    cce@rhel6: 84034-8
+    cce@rhel7: 84035-5
 
 references:
     cis@rhel7: 3.4.5

From b7dc44d2feb734ed89736d1dea813b051e83cfb7 Mon Sep 17 00:00:00 2001
From: Watson Sato <wsato@redhat.com>
Date: Mon, 23 Mar 2020 14:18:24 +0100
Subject: [PATCH 4/4] Rewrite title of ownership rules

Rewrite title of rules for ownerhip and group ownership of of
/etc/hosts.allow and /etc/hosts.deny
---
 .../inetd_and_xinetd/file_groupowner_etc_hosts_allow/rule.yml   | 2 +-
 .../inetd_and_xinetd/file_groupowner_etc_hosts_deny/rule.yml    | 2 +-
 .../inetd_and_xinetd/file_owner_etc_hosts_allow/rule.yml        | 2 +-
 .../inetd_and_xinetd/file_owner_etc_hosts_deny/rule.yml         | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_allow/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_allow/rule.yml
index aa531e6ace..cee37ed9c6 100644
--- a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_allow/rule.yml
+++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_allow/rule.yml
@@ -2,7 +2,7 @@ documentation_complete: true
 
 prodtype: ol7,rhel6,rhel7
 
-title: 'Verify Group Who Owns /etc/hosts.allow'
+title: 'Verify Group Ownership of /etc/hosts.allow'
 
 description: |-
     {{{ describe_file_group_owner(file="/etc/hosts.allow", group="root") }}}
diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_deny/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_deny/rule.yml
index fa024f1c27..403e99908b 100644
--- a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_deny/rule.yml
+++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_groupowner_etc_hosts_deny/rule.yml
@@ -2,7 +2,7 @@ documentation_complete: true
 
 prodtype: ol7,rhel6,rhel7
 
-title: 'Verify Group Who Owns /etc/hosts.deny'
+title: 'Verify Group Ownership of /etc/hosts.deny'
 
 description: |-
     {{{ describe_file_group_owner(file="/etc/hosts.deny", group="root") }}}
diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_allow/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_allow/rule.yml
index 80d5630c48..b34be48968 100644
--- a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_allow/rule.yml
+++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_allow/rule.yml
@@ -2,7 +2,7 @@ documentation_complete: true
 
 prodtype: ol7,rhel6,rhel7
 
-title: 'Verify User Who Owns /etc/hosts.allow'
+title: 'Verify Ownership of /etc/hosts.allow'
 
 description: |-
     {{{ describe_file_owner(file="/etc/hosts.allow", owner="root") }}}
diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_deny/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_deny/rule.yml
index 2fc5f74355..e53ee5bc12 100644
--- a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_deny/rule.yml
+++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_deny/rule.yml
@@ -2,7 +2,7 @@ documentation_complete: true
 
 prodtype: ol7,rhel6,rhel7
 
-title: 'Verify User Who Owns /etc/hosts.deny'
+title: 'Verify Ownership of /etc/hosts.deny'
 
 description: |-
     {{{ describe_file_owner(file="/etc/hosts.deny", owner="root") }}}

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation