UCF STIG Viewer Logo

The Photon operating system must protect all boot configuration files from unauthorized access.


Overview

Finding ID Version Rule ID IA Controls Severity
V-239189 PHTN-67-000118 SV-239189r675375_rule Medium
Description
Boot configuration files control how the system boots, including single-user mode, auditing, log levels, etc. Improper or malicious configurations can negatively affect system security and availability.
STIG Date
VMware vSphere 6.7 Photon OS Security Technical Implementation Guide 2021-04-15

Details

Check Text ( C-42400r675373_chk )
At the command line, execute the following command:

# find /boot/*.cfg -xdev -type f -a '(' -not -perm 600 -o -not -user root -o -not -group root ')' -exec ls -ld {} \;

If any files are returned, this is a finding.
Fix Text (F-42359r675374_fix)
At the command line, execute the following commands for each returned file:

# chmod 600
# chown root:root