The SLES for the vRealize boot loader configuration file(s) must have mode 0600 or less permissive.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-239506 | VROM-SL-000425 | SV-239506r661969_rule | Medium |
| Description |
|---|
| File permissions more permissive than 0600 on boot loader configuration files could allow an unauthorized user to view or modify sensitive information pertaining to system boot instructions. |
| STIG | Date |
|---|---|
| VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide | 2021-07-01 |
Details
| Check Text ( C-42739r661967_chk ) |
|---|
| Check the /boot/grub/menu.lst file: # stat /boot/grub/menu.lst If "/boot/grub/menu.lst" has a mode more permissive than "0600", this is a finding. |
| Fix Text (F-42698r661968_fix) |
|---|
| Change the mode of the "/boot/grub/menu.lst" file to "0600": # chmod 0600 /boot/grub/menu.lst |