Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-38645 | RHEL-06-000345 | SV-50446r1_rule | Low |
Description |
---|
The umask value influences the permissions assigned to files when they are created. A misconfigured umask value could result in files with excessive permissions that can be read and/or written to by unauthorized users. |
STIG | Date |
---|---|
Red Hat Enterprise Linux 6 Security Technical Implementation Guide | 2013-06-03 |
Check Text ( C-46205r1_chk ) |
---|
Verify the "umask" setting is configured correctly in the "/etc/login.defs" file by running the following command: # grep -i "umask" /etc/login.defs All output must show the value of "umask" set to 077, as shown in the below: # grep -i "umask" /etc/login.defs UMASK 077 If the above command returns no output, or if the umask is configured incorrectly, this is a finding. |
Fix Text (F-43594r1_fix) |
---|
To ensure the default umask controlled by "/etc/login.defs" is set properly, add or correct the "umask" setting in "/etc/login.defs" to read as follows: UMASK 077 |