Check: GEN005240
Title
The .Xauthority utility must only permit access to authorized hosts. (Cat II impact)
Discussion
If unauthorized clients are permitted access to the X server, a user's X session may be compromised.
Check Content
Check the X Window system access is limited to authorized clients. Procedure: # ps -ef | grep X # xauth -i list Ask the SA if the clients listed are authorized. If any are not, this is a finding.
Fix Text
Remove unauthorized clients from the xauth configuration. # xauth remove <display name>
Additional Identifiers
Rule ID:
Vulnerability ID: V-12017
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000225 |
The organization employs the concept of least privilege, allowing only authorized accesses for users (and processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions. |
Controls
Number | Title |
---|---|
AC-6 |
Least Privilege |