The Red Hat Enterprise Linux operating system must be configured so that the file permissions, ownership, and group membership of system files and commands match the vendor values.

An XCCDF Rule

Details
Profiles

Description

Discretionary access control is weakened if a user or group has access permissions to system files and directories greater than the default. Satisfies: SRG-OS-000257-GPOS-00098, SRG-OS-000278-GPOS-00108

ID: SV-204392r880752_rule
Version: RHEL-07-010010
Severity: High
References: CCI-001494 CCI-001496 CCI-002165 CCI-002235
Updated: 5 days ago

Remediation Templates

Run the following command to determine which package owns the file:

     # rpm -qf <filename>

Reset the user and group ownership of files within a package with the following command:
     # rpm --setugids <packagename>


Reset the permissions of files within a package with the following command:

     # rpm --setperms <packagename>

The Red Hat Enterprise Linux operating system must be configured so that the file permissions, ownership, and group membership of system files and commands match the vendor values.

Description

Remediation Templates

A Manual Procedure