Check: PHTN-67-000118
VMware vSphere 6.7 Photon OS STIG: PHTN-67-000118 (in versions v1 r6 through v1 r1)
Title
The Photon operating system must protect all boot configuration files from unauthorized access. (Cat II impact)
Discussion
Boot configuration files control how the system boots, including single-user mode, auditing, log levels, etc. Improper or malicious configurations can negatively affect system security and availability.
Check Content
At the command line, execute the following command:

    # find /boot/*.cfg -xdev -type f -a '(' -not -perm 600 -o -not -user root -o -not -group root ')' -exec ls -ld {} \;

If any files are returned, this is a finding.
Fix Text
At the command line, execute the following commands for each returned file:

    # chmod 600 <file>
    # chown root:root <file>
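
The check and fix above, wrapped as reusable shell functions (an added example, not part of the STIG text). The function names and the directory, owner and group parameters are assumptions added so the logic can be exercised on a scratch directory; the defaults match the STIG's /boot and root:root. It matches with -name '*.cfg' instead of the shell glob, so find does not error out when no .cfg file exists.

```shell
#!/bin/sh
# Added example for PHTN-67-000118: audit and remediate boot config files.
# Function names and the optional arguments (dir, owner, group) are
# assumptions for illustration; defaults are the STIG values.

# Print every *.cfg file directly under the directory that is NOT
# mode 600, or not owned by the expected user, or not in the expected group.
# No output means no finding.
audit_boot_cfg() {
    dir=${1:-/boot}; user=${2:-root}; group=${3:-root}
    # The parentheses group the three "not" tests so that -type f and
    # -name apply to all of them, as in the STIG's find expression.
    find "$dir" -xdev -maxdepth 1 -type f -name '*.cfg' \
        '(' ! -perm 600 -o ! -user "$user" -o ! -group "$group" ')' -print
}

# Exit status 0 when the directory has no finding, 1 otherwise.
is_compliant() {
    [ -z "$(audit_boot_cfg "$@")" ]
}

# Apply the Fix Text (chmod 600, then chown owner:group) to each file the
# audit returned. Assumes file names contain no newlines.
remediate_boot_cfg() {
    dir=${1:-/boot}; user=${2:-root}; group=${3:-root}
    audit_boot_cfg "$dir" "$user" "$group" | while IFS= read -r f; do
        chmod 600 "$f" && chown "$user:$group" "$f"
    done
}

# Typical use as root on the appliance:
#   is_compliant || { audit_boot_cfg; remediate_boot_cfg; }
```
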
Additional Identifiers
Rule ID: SV-239189r675375_rule
Vulnerability ID: V-239189
Group Title: SRG-OS-000480-GPOS-00227
CCIs
Number | Definition |
---|---|
CCI-000366 | The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 | Configuration Settings |