GEN003050 - Crontab files must be group-owned by root, cron, or the crontab creators primary group - '/etc/cron.daily/*'

Information

To protect the integrity of scheduled system jobs and prevent malicious modification to these jobs, crontab files must be secured.

Solution

Change the group owner of the crontab file to root, cron, or the crontab's primary group.

Procedure:
# chgrp root [crontab file]

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_5_V2R1_STIG.zip

Item Details

Category: ACCESS CONTROL, CONFIGURATION MANAGEMENT

References: 800-53|AC-6, 800-53|CM-5(6), CAT|II, CCI|CCI-000225, CCI|CCI-001499, Rule-ID|SV-218434r603259_rule, STIG-ID|GEN003050, STIG-Legacy|SV-64399, STIG-Legacy|V-22385, Vuln-ID|V-218434

Plugin: Unix

Control ID: 976b77df41c4daa70d3aa6b5b3144e39df0f0b9e92672618c8433d01b9a87173