SV-227064r603265_rule
V-227064
SRG-OS-000480
GEN008140
CAT II
10
Change the ownership of the certificate database files.
# chown root /var/ldap/cert8.db /var/ldap/key3.db /var/ldap/secmod.db
Check if the system is using NSS LDAP.
# grep -v '^#' /etc/nsswitch.conf | grep ldap
If no lines are returned, this vulnerability is not applicable.
Verify the ownership of the certificate database files.
# ls -lL /var/ldap/cert8.db /var/ldap/key3.db /var/ldap/secmod.db
If the owner of any of the files is not root, this is a finding.
V-227064
False
GEN008140
Check if the system is using NSS LDAP.
# grep -v '^#' /etc/nsswitch.conf | grep ldap
If no lines are returned, this vulnerability is not applicable.
Verify the ownership of the certificate database files.
# ls -lL /var/ldap/cert8.db /var/ldap/key3.db /var/ldap/secmod.db
If the owner of any of the files is not root, this is a finding.
M
4060