1.6.4 Ensure access to /etc/motd is configured

Information

The contents of the /etc/motd file are displayed to users after login and function as a message of the day for authenticated users.

- IF - the /etc/motd file does not have the correct access configured, it could be modified by unauthorized users with incorrect or misleading information.

Solution

Run the following commands to set mode, owner, and group on /etc/motd :

# chown root:root $(readlink -e /etc/motd)
# chmod u-x,go-wx $(readlink -e /etc/motd)

- OR -

Run the following command to remove the /etc/motd file:

# rm /etc/motd

See Also

https://workbench.cisecurity.org/benchmarks/17074

Item Details

Category: ACCESS CONTROL, MEDIA PROTECTION

References: 800-53|AC-3, 800-53|AC-5, 800-53|AC-6, 800-53|MP-2, CSCv7|14.6

Plugin: Unix

Control ID: 434176f127b6e342e559a9d32f3b53a831780e3aeefd79c01abd6e13a9a9abf6