The Photon operating system must set the UMASK parameter correctly.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-239193 | PHTN-67-000122 | SV-239193r675387_rule | Medium |
| Description |
|---|
| The umask value influences the permissions assigned to files when they are created. The umask setting in login.defs controls the permissions for a new user's home directory. By setting the proper umask, home directories will only allow the new user to read and write files there. Satisfies: SRG-OS-000480-GPOS-00228, SRG-OS-000480-GPOS-00230 |
| STIG | Date |
|---|---|
| VMware vSphere 6.7 Photon OS Security Technical Implementation Guide | 2022-09-27 |
Details
| Check Text ( C-42404r675385_chk ) |
|---|
| At the command line, execute the following command: # grep UMASK /etc/login.defs Expected result: UMASK 077 If the output does not match the expected result, this a finding. |
| Fix Text (F-42363r675386_fix) |
|---|
| Open /etc/login.defs with a text editor. Ensure that the "UMASK" line is uncommented and set to the following: UMASK 077 |