Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-256583 | PHTN-30-000114 | SV-256583r918968_rule | Medium |
Description |
---|
The "umask" value influences the permissions assigned to files when they are created. The "umask" setting in "login.defs" controls the permissions for a new user's home directory. By setting the proper "umask", home directories will only allow the new user to read and write files there. |
STIG | Date |
---|---|
VMware vSphere 7.0 vCenter Appliance Photon OS Security Technical Implementation Guide | 2023-06-15 |
Check Text ( C-60258r918967_chk ) |
---|
At the command line, run the following command: # grep ^UMASK /etc/login.defs Example result: UMASK 077 If "UMASK" is not configured to "077", this a finding. Note: "UMASK" should only be specified once in login.defs. |
Fix Text (F-60201r887422_fix) |
---|
Navigate to and open: /etc/login.defs Ensure the "UMASK" line is uncommented and set to the following: UMASK 077 |