Navigate

Check: SRG-OS-000480-GPOS-00228

General Purpose Operating System SRG: SRG-OS-000480-GPOS-00228 (in versions v2 r7 through v1 r4)

Title

The operating system must define default permissions for all authenticated users in such a way that the user can only read and modify their own files. (Cat II impact)

Discussion

Setting the most restrictive default permissions ensures that when new accounts are created they do not have unnecessary access.

Check Content

Verify the operating system defines default permissions for all authenticated users in such a way that the user can only read and modify their own files. If it does not, this is a finding.

Fix Text

Configure the operating system to define default permissions for all authenticated users in such a way that the user can only read and modify their own files.

Additional Identifiers

Rule ID: SV-203781r388482_rule

Vulnerability ID: V-203781

Group Title: SRG-OS-000480

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000366	The organization implements the security configuration settings.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-6	Configuration Settings