The Red Hat Enterprise Linux operating system must be configured so that the cron.allow file, if it exists, is owned by root.

An XCCDF Rule

Description

If the owner of the "cron.allow" file is not set to root, the possibility exists for an unauthorized user to view or to edit sensitive information.

ID: SV-204490r603261_rule
Version: RHEL-07-021110
Severity: Medium
References: CCI-000366
Updated: 15 days ago

Remediation Templates

Set the owner on the "/etc/cron.allow" file to root with the following command:

# chown root /etc/cron.allow