RHEL-07-010020 – The Red Hat Enterprise Linux operating system must be configured so that the cryptographic hash of system files and commands matches vendor values.

Details

Without cryptographic integrity protections, system command and files can be altered by unauthorized users without detection.

Cryptographic mechanisms used for protecting the integrity of information include, for example, signed hash functions using asymmetric cryptography enabling distribution of the public key to verify the hash information while maintaining the confidentiality of the key used to generate the hash.

Solution

Run the following command to determine which package owns the file:

# rpm -qf

The package can be reinstalled from a yum repository using the command:

# sudo yum reinstall

Alternatively, the package can be reinstalled from trusted media using the command:

# sudo rpm -Uvh

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_RHEL_7_V3R5_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.

References

800-53|CM-5(3)
CAT|I
CCI|CCI-001749
Rule-ID|SV-214799r603261_rule
STIG-ID|RHEL-07-010020
STIG-Legacy|SV-86479
STIG-Legacy|V-71855
Vuln-ID|V-214799

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles