SV-64381r1_rule
V-22386
GEN003090
GEN003090
CAT II
10
Remove the extended ACL from the file.
# setfacl --remove-all [crontab file]
Check the permissions of the crontab files.
Procedure:
# ls -lL /var/spool/cron
# ls -lL /etc/cron.d /etc/crontab /etc/cron.daily /etc/cron.hourly /etc/cron.monthly /etc/cron.weekly
or
# ls -lL /etc/cron*|grep -v deny
If the permissions include a '+', the file has an extended ACL. If the file has an extended ACL and it has not been documented with the IAO, this is a finding.
V-22386
False
GEN003090
Check the permissions of the crontab files.
Procedure:
# ls -lL /var/spool/cron
# ls -lL /etc/cron.d /etc/crontab /etc/cron.daily /etc/cron.hourly /etc/cron.monthly /etc/cron.weekly
or
# ls -lL /etc/cron*|grep -v deny
If the permissions include a '+', the file has an extended ACL. If the file has an extended ACL and it has not been documented with the IAO, this is a finding.
M
System Administrator
2207