STIGQter STIGQter: STIG Summary: Oracle Linux 6 Security Technical Implementation Guide Version: 1 Release: 17 Benchmark Date: 25 Oct 2019: The system boot loader configuration file(s) must have mode 0600 or less permissive.

DISA Rule

SV-65149r3_rule

Vulnerability Number

V-50943

Group Title

SRG-OS-999999

Rule Version

OL6-00-000067

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

File permissions for "/boot/grub/grub.conf" should be set to 600, which is the default. To properly set the permissions of "/boot/grub/grub.conf", run the command:

# chmod 600 /boot/grub/grub.conf

Boot partitions based on VFAT, NTFS, or other non-standard configurations may require alternative measures.

Check Contents

To check the permissions of "/boot/grub/grub.conf", run the command:

$ sudo ls -lL /boot/grub/grub.conf

If properly configured, the output should indicate the following permissions: "-rw-------"
If it does not, this is a finding.

Vulnerability Number

V-50943

Documentable

False

Rule Version

OL6-00-000067

Severity Override Guidance

To check the permissions of "/boot/grub/grub.conf", run the command:

$ sudo ls -lL /boot/grub/grub.conf

If properly configured, the output should indicate the following permissions: "-rw-------"
If it does not, this is a finding.

Check Content Reference

M

Target Key

2208

Comments