Security contexts are not defined for running daemons in SELinux
Description
Daemons are launched by, and descend from, the init process. If no security contexts are defined for daemons in the SELinux configuration, the daemons inherit the security context of their parent process (the init process). This can have the unintended consequence of giving a daemon more permissions than it requires. Investigate any unconfined daemons found during the audit action. They may need to have an existing security context assigned to them or a policy built for them.
Severity
critical
Category
Linux - SELinux Hardening
Resolution
Follow the steps below to resolve the misconfiguration.
Get the list of unconfined daemons using the following command:
ps -eZ
They may need to have an existing security context assigned to them or a policy built for them.
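
An added example, not part of the original advisory: a POSIX shell filter that narrows `ps -eZ` output to processes still running in a generic init-launched domain. The type names `initrc_t` and `unconfined_service_t` (Red Hat targeted policy), the `init_t` heuristic, the function names and the sample process list are assumptions, not taken from this page.

```shell
#!/bin/sh
# Flag daemons that never transitioned out of a generic init/unconfined domain.
# Input: `ps -eZ` output on stdin. Output: "PID TYPE COMMAND", one per finding.
find_unconfined_daemons() {
    awk '
        NR == 1 && $1 == "LABEL" { next }        # skip the header row
        {
            # LABEL is user:role:type:level; the level may hold more colons.
            n = split($1, ctx, ":")
            if (n < 3) next                       # no full label (SELinux disabled)
            type = ctx[3]
            # CMD starts at field 5 and may itself contain spaces.
            cmd = $5
            for (i = 6; i <= NF; i++) cmd = cmd " " $i
            # Assumed type names (Red Hat targeted policy):
            #   initrc_t, unconfined_service_t: service started without a
            #   domain transition of its own.
            #   init_t on any PID other than 1: process still running in
            #   the context it inherited from init.
            if (type == "initrc_t" || type == "unconfined_service_t" ||
                (type == "init_t" && $2 != 1))
                print $2, type, cmd
        }
    '
}

# Constructed sample of `ps -eZ` output (not captured from a real host).
sample_ps_output() {
    cat <<'EOF'
LABEL                             PID TTY          TIME CMD
system_u:system_r:init_t:s0         1 ?        00:00:03 systemd
system_u:system_r:kernel_t:s0       2 ?        00:00:00 kthreadd
system_u:system_r:sshd_t:s0-s0:c0.c1023 1023 ? 00:00:00 sshd
system_u:system_r:unconfined_service_t:s0 2044 ? 00:00:01 example-agent
system_u:system_r:initrc_t:s0    2100 ?        00:00:05 example-legacyd
system_u:system_r:init_t:s0      2200 ?        00:00:00 example-helper
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 3001 pts/0 00:00:00 bash
EOF
}

# Demo on the constructed sample; on a live host run:
#   ps -eZ | find_unconfined_daemons
sample_ps_output | find_unconfined_daemons
```

Interactive shells in `unconfined_t` are deliberately not reported, since they are user sessions rather than daemons; each reported PID is a candidate for an existing context or a new policy module.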
Potential issues that may arise after applying the resolution
Altering the existing security setting may create the following impact in your network operations.
Does remediation require reboot?
No
Vulnerability Manager Plus tracks security configurations and remediates misconfigurations in your network systems from a centralized console. View a list of all the security misconfigurations detected by Vulnerability Manager Plus.