UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The system default umask for the bash shell must be 077.


Overview

Finding ID Version Rule ID IA Controls Severity
V-38651 RHEL-06-000342 SV-50452r1_rule Low
Description
The umask value influences the permissions assigned to files when they are created. A misconfigured umask value could result in files with excessive permissions that can be read and/or written to by unauthorized users.
STIG Date
Red Hat Enterprise Linux 6 Security Technical Implementation Guide 2016-06-05

Details

Check Text ( C-46211r1_chk )
Verify the "umask" setting is configured correctly in the "/etc/bashrc" file by running the following command:

# grep "umask" /etc/bashrc

All output must show the value of "umask" set to 077, as shown below:

# grep "umask" /etc/bashrc
umask 077
umask 077


If the above command returns no output, or if the umask is configured incorrectly, this is a finding.
Fix Text (F-43600r1_fix)
To ensure the default umask for users of the Bash shell is set properly, add or correct the "umask" setting in "/etc/bashrc" to read as follows:

umask 077