Disable D-Bus IPC Service (messagebus)
D-Bus provides an IPC mechanism used by
a growing list of programs, such as those used for Gnome, Bluetooth, and Avahi.
Due to these dependencies, disabling D-Bus may not be practical for
many systems.
The 'messagebus' service can be disabled with the following command:
'$ sudo systemctl disable messagebus'
If no services which require D-Bus are needed, then it
can be disabled. As a broker for IPC between processes of different privilege levels,
it could be a target for attack. However, disabling D-Bus is likely to be
impractical for any system which needs to provide
a graphical login session.
Fix:
#
# Disable messagebus.service for all systemd targets
#
systemctl disable messagebus.service
#
# Stop messagebus.service if currently running
#
systemctl stop messagebus.service
oval:org.secpod.oval:def:30387
oval:org.secpod.oval:def:31110
SCAP Repo OVAL Definition
2015-11-13