GEN003080-2 - Files in cron script directories must have mode 0700 or less permissive - '/etc/cron.monthly/*'

Information

To protect the integrity of scheduled system jobs and prevent malicious modification to these jobs, crontab files must be secured.

Solution

Change the mode of the cron scripts.
# chmod 0700 /etc/cron.daily/* /etc/cron.hourly/* /etc/cron.monthly/* /etc/cron.weekly/*

See Also

http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6, CAT|II, CCI|CCI-000225, Group-ID|V-29289, Rule-ID|SV-37745r1_rule, STIG-ID|GEN003080-2, Vuln-ID|V-29289

Plugin: Unix

Control ID: 2320467db7ee7f2056c424859d02596ed583c4ad601ccbac31bead5ebe24287c