Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
All RHEL 9 local initialization files must have mode 0740 or less permissive.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-257889 | RHEL-09-232045 | SV-257889r991589_rule | Medium |
| Description |
|---|
| Local initialization files are used to configure the user's shell environment upon logon. Malicious modification of these files could compromise accounts upon logon. |
| STIG | Date |
|---|---|
| Red Hat Enterprise Linux 9 Security Technical Implementation Guide | 2024-06-04 |
Details
| Check Text ( C-61630r925652_chk ) |
|---|
| Verify that all local initialization files have a mode of "0740" or less permissive with the following command: Note: The example will be for the "wadea" user, who has a home directory of "/home/wadea". $ sudo ls -al /home/wadea/.[^.]* | more -rwxr-xr-x 1 wadea users 896 Mar 10 2011 .profile -rwxr-xr-x 1 wadea users 497 Jan 6 2007 .login -rwxr-xr-x 1 wadea users 886 Jan 6 2007 .something If any local initialization files have a mode more permissive than "0740", this is a finding. |
| Fix Text (F-61554r925653_fix) |
|---|
| Set the mode of the local initialization files to "0740" with the following command: Note: The example will be for the wadea user, who has a home directory of "/home/wadea". $ sudo chmod 0740 /home/wadea/. |