GEN003120 - Cron and crontab directories must be owned by root or bin - '/var/spool/cron'

Information

Incorrect ownership of the cron or crontab directories could permit unauthorized users the ability to alter cron jobs and run automated jobs as privileged users. Failure to give ownership of cron or crontab directories to root or to bin provides the designated owner and unauthorized users with the potential to access sensitive information or change the system configuration which could weaken the system's security posture.

Solution

Change the mode of the crontab directories.

# chown root <crontab directory>

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_5_V2R1_STIG.zip

Item Details

Category: ACCESS CONTROL, CONFIGURATION MANAGEMENT

References: 800-53|AC-6, 800-53|CM-5(6), CAT|II, CCI|CCI-000225, CCI|CCI-001499, Rule-ID|SV-218441r603259_rule, STIG-ID|GEN003120, STIG-Legacy|SV-64293, STIG-Legacy|V-980, Vuln-ID|V-218441

Plugin: Unix

Control ID: 39a33483e3bd9caf46a30017d3e8fc34c7fc269835a98adf5227bb70b90a6cfc