GEN003080 - Crontab files must have mode 0600 or less permissive, and files in cron script directories must have mode 0700 or less permissive - '/etc/crontab'

Information

To protect the integrity of scheduled system jobs and prevent malicious modification to these jobs, crontab files must be secured.

Solution

Change the mode of the crontab files.

# chmod 0600 /var/spool/cron/* /etc/cron.d/* /etc/crontab

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_5_V2R1_STIG.zip

Item Details

Category: ACCESS CONTROL, CONFIGURATION MANAGEMENT

References: 800-53|AC-6, 800-53|CM-5(6), CAT|II, CCI|CCI-000225, CCI|CCI-001499, Rule-ID|SV-218436r603259_rule, STIG-ID|GEN003080, STIG-Legacy|SV-64391, STIG-Legacy|V-978, Vuln-ID|V-218436

Plugin: Unix

Control ID: b5a1146ca2ec776cd98e6c968bbcb5708f2fdcc0317e3cf3f4b982c679960d35