An error occurred:

Check: GEN003080

VMware ESX 3 Server: GEN003080 (in version v1 r2)

Title

Crontab files must have mode 0600 or less permissive, and files in cron script directories must have mode 0700 or less permissive. (Cat II impact)

Discussion

To protect the integrity of scheduled system jobs and prevent malicious modification to these jobs, crontab files must be secured.

Check Content

Check the modes of the crontab and cron job script files. If the mode is more permissive than 0600 for crontab files or 0700 for cron job script files, this is a finding.

Fix Text

Change the modes of crontab files to 0600 and cron job script files to 0700.

Additional Identifiers

Rule ID: SV-978r2_rule

Vulnerability ID: V-978

Group Title: GEN003080

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000225

The organization employs the concept of least privilege, allowing only authorized accesses for users (and processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AC-6

Least Privilege