Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-50667 | OL6-00-000345 | SV-64873r1_rule | Low |
Description |
---|
The umask value influences the permissions assigned to files when they are created. A misconfigured umask value could result in files with excessive permissions that can be read and/or written to by unauthorized users. |
STIG | Date |
---|---|
Oracle Linux 6 Security Technical Implementation Guide | 2018-03-01 |
Check Text ( C-53165r1_chk ) |
---|
Verify the "umask" setting is configured correctly in the "/etc/login.defs" file by running the following command: # grep -i "umask" /etc/login.defs All output must show the value of "umask" set to 077, as shown in the below: # grep -i "umask" /etc/login.defs UMASK 077 If the above command returns no output, or if the umask is configured incorrectly, this is a finding. |
Fix Text (F-55461r1_fix) |
---|
To ensure the default umask controlled by "/etc/login.defs" is set properly, add or correct the "umask" setting in "/etc/login.defs" to read as follows: UMASK 077 |