Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The system boot loader configuration file(s) must be group-owned by root.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-50939 | OL6-00-000066 | SV-65145r2_rule | Medium |
| Description |
|---|
| The "root" group is a highly-privileged group. Furthermore, the group-owner of this file should not have any access privileges anyway. |
| STIG | Date |
|---|---|
| Oracle Linux 6 Security Technical Implementation Guide | 2016-12-20 |
Details
| Check Text ( C-53391r2_chk ) |
|---|
| To check the group ownership of "/boot/grub/grub.conf", run the command: $ ls -lL /boot/etc/grub.conf If properly configured, the output should indicate the group-owner is "root". If it does not, this is a finding. |
| Fix Text (F-55741r2_fix) |
|---|
| The file "/boot/grub/grub.conf" should be group-owned by the "root" group to prevent destruction or modification of the file. To properly set the group owner of "/boot/grub/grub.conf", run the command: # chgrp root /boot/grub/grub.conf |