UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The system boot loader configuration file(s) must be owned by root.


Overview

Finding ID Version Rule ID IA Controls Severity
V-208840 OL6-00-000065 SV-208840r603263_rule Medium
Description
Only root should be able to modify important boot parameters.
STIG Date
Oracle Linux 6 Security Technical Implementation Guide 2021-06-14

Details

Check Text ( C-9093r357500_chk )
To check the ownership of "/boot/grub/grub.conf", run the command:

$ ls -lL /boot/grub/grub.conf

If properly configured, the output should indicate that the owner is "root".
If it does not, this is a finding.
Fix Text (F-9093r357501_fix)
The file "/boot/grub/grub.conf" should be owned by the "root" user to prevent destruction or modification of the file. To properly set the owner of "/boot/grub/grub.conf", run the command:

# chown root /boot/grub/grub.conf