WA00530 W22 – The process ID (PID) file must be properly secured.

Details

The PidFile directive sets the path to the process ID file to which the server records the process ID of the server, which is useful for sending a signal to the server process or for checking on the health of the process. If the PidFile is placed in a writable directory, other accounts could create a denial of service attack and prevent the server from starting by creating a PID file with the same name.

Solution

Modify the location and/or permissions for the PID file and/or folder.

Supportive Information

The following resource is also helpful.

https://iasecontent.disa.mil/stigs/zip/U_Apache_2-2_WIN_V1R13_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Access Control, Configuration Management.This control applies to the following type of system Windows.

References

800-53|AC-6(7)(b)
800-53|CM-6b.
CAT|II
CSCv6|3.1
Rule-ID|SV-33177r1_rule
STIG-ID|WA00530_W22
Vuln-ID|V-26305

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles