UCF STIG Viewer Logo

The system boot loader configuration file(s) must be group-owned by root, bin, sys, or system.


Finding ID Version Rule ID IA Controls Severity
V-89599 VRAU-SL-000440 SV-100249r1_rule Medium
The system's boot loader configuration files are critical to the integrity of the system and must be protected. Unauthorized modifications resulting from improper group-ownership may compromise the boot loader configuration.
VMware vRealize Automation 7.x SLES Security Technical Implementation Guide 2018-10-12


Check Text ( C-89291r2_chk )
Check /boot/grub/menu.lst ownership:

# stat /boot/grub/menu.lst

If the group-owner of the file is not "root", "bin", "sys", or "system", this is a finding.
Fix Text (F-96341r1_fix)
Change the group-ownership of the file:

# chgrp root /boot/grub/menu.lst