Details

Daemons that are not defined in SELinux policy will inherit the security context of their parent process. Since daemons are launched and descend from the init process, they will inherit the security context label initrc_t. This could cause the unintended consequence of giving the process more permission than it requires.

Solution

Investigate any unconfined daemons found during the audit action. They may need to have an existing security context assigned to them or a policy built for them.

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/1866https://workbench.cisecurity.org/files/1866

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.

References

• 800-53|AC-3(3)
• CSCv6|14.4

Source

• Tenable.com/audits