4506-nginx-pid-secured - Ensure NGINX Process ID (PID) File Is Secured
Rule ID
Category
Level
Compatible Versions
Description
- The nginx PID file stores the master process ID of the nginx process. This file should not be subject to unauthorized modifications.
Scan Frequency
Theory
- The PID file should be owned by root and group root. It should also be readable by everyone but writable only by root (permissions 644). This will prevent unauthorized modifications to the PID file, which could lead to a denial of service.
Risk Items
Audit Method
- Execute the following command to verify:
ls -l /var/run/nginx.pid
# The result should be
-rw-r--r--. 1 root root 6 Nov 12 01:06 /var/run/nginx.pid
- Execute the following commands:
#> chown root:root /var/run/nginx.pid
#> chmod 644 /var/run/nginx.pid
Impact
Default Value
- By default, the PID is owned by the root user
References
CIS Controls