Title

RHEL 9 cron configuration files directory must be owned by root. (Cat II impact)

Discussion

Service configuration files enable or disable features of their respective services that if configured incorrectly can lead to insecure and vulnerable configurations; therefore, service configuration files must be owned by the correct group to prevent unauthorized changes.

Check Content

Verify the ownership of all cron configuration files with the command: $ stat -c "%U %n" /etc/cron* root /etc/cron.d root /etc/cron.daily root /etc/cron.deny root /etc/cron.hourly root /etc/cron.monthly root /etc/crontab root /etc/cron.weekly If any crontab is not owned by root, this is a finding.

Fix Text

Configure any cron configuration not owned by root with the following command: $ sudo chown root [cron config file]

Additional Identifiers

Rule ID: SV-257926r925765_rule

Vulnerability ID: V-257926

Group Title: SRG-OS-000480-GPOS-00227

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.