STIGQter STIGQter: STIG Summary: Oracle Linux 6 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The system default umask in /etc/profile must be 077.

DISA Rule

SV-209046r603263_rule

Vulnerability Number

V-209046

Group Title

SRG-OS-000480

Rule Version

OL6-00-000344

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

To ensure the default umask controlled by "/etc/profile" is set properly, add or correct the "umask" setting in "/etc/profile" to read as follows:

umask 077

Check Contents

Verify the "umask" setting is configured correctly in the "/etc/profile" file by running the following command:

# grep "umask" /etc/profile

All output must show the value of "umask" set to 077, as shown in the below:

# grep "umask" /etc/profile
umask 077

If the above command returns no output, or if the umask is configured incorrectly, this is a finding.

Vulnerability Number

V-209046

Documentable

False

Rule Version

OL6-00-000344

Severity Override Guidance

Verify the "umask" setting is configured correctly in the "/etc/profile" file by running the following command:

# grep "umask" /etc/profile

All output must show the value of "umask" set to 077, as shown in the below:

# grep "umask" /etc/profile
umask 077

If the above command returns no output, or if the umask is configured incorrectly, this is a finding.

Check Content Reference

M

Target Key

2928

Comments