RHEL-07-010010 – The Red Hat Enterprise Linux operating system must be configured so that the file permissions, ownership, and group membership of system files and commands match the vendor values.

Details

Discretionary access control is weakened if a user or group has access permissions to system files and directories greater than the default.

Satisfies: SRG-OS-000257-GPOS-00098, SRG-OS-000278-GPOS-00108

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Run the following command to determine which package owns the file:

# rpm -qf

Reset the user and group ownership of files within a package with the following command:

# rpm –setugids

Reset the permissions of files within a package with the following command:

# rpm –setperms

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_RHEL_7_V3R5_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Access Control, Audit and Accountability.This control applies to the following type of system Unix.

References

800-53|AC-3(4)
800-53|AC-6(10)
800-53|AU-9
800-53|AU-9(3)
CAT|I
CCI|CCI-001494
CCI|CCI-001496
CCI|CCI-002165
CCI|CCI-002235
Rule-ID|SV-204392r646841_rule
STIG-ID|RHEL-07-010010
STIG-Legacy|SV-86473
STIG-Legacy|V-71849
Vuln-ID|V-204392

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles