UCF STIG Viewer Logo

The cron.deny file must have mode 0600 or less permissive.


Overview

Finding ID Version Rule ID IA Controls Severity
V-4358 GEN003200 SV-27359r1_rule ECLP-1 Medium
Description
If file permissions for cron.deny are more permissive than 0600, sensitive information could be viewed or edited by unauthorized users.
STIG Date
SOLARIS 9 X86 SECURITY TECHNICAL IMPLEMENTATION GUIDE 2015-10-01

Details

Check Text ( C-28503r1_chk )
Check the mode of the cron.deny file.
# ls -lL /etc/cron.d/cron.deny
If the cron.deny file is more permissive than 0600, this is a finding.
Fix Text (F-24605r1_fix)
Change the mode of the cron.deny file.
# chmod 0600 /etc/cron.d/cron.deny