UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The system boot loader configuration file(s) must be group-owned by root, bin, sys, or system.


Overview

Finding ID Version Rule ID IA Controls Severity
V-240411 VRAU-SL-000440 SV-240411r670974_rule Medium
Description
The system's boot loader configuration files are critical to the integrity of the system and must be protected. Unauthorized modifications resulting from improper group-ownership may compromise the boot loader configuration.
STIG Date
VMware vRealize Automation 7.x SLES Security Technical Implementation Guide 2023-09-22

Details

Check Text ( C-43644r670972_chk )
Check /boot/grub/menu.lst ownership:

# stat /boot/grub/menu.lst

If the group-owner of the file is not "root", "bin", "sys", or "system", this is a finding.
Fix Text (F-43603r670973_fix)
Change the group-ownership of the file:

# chgrp root /boot/grub/menu.lst