← Back to Red Hat Enterprise Linux 9 Security Technical Implementation Guide

V-257889

CAT II (Medium)

All RHEL 9 local initialization files must have mode 0740 or less permissive.

Rule ID

SV-257889r1184302_rule

STIG

Red Hat Enterprise Linux 9 Security Technical Implementation Guide

Version

V2R8

CCIs

CCI-000366

Discussion

Local initialization files are used to configure the user's shell environment upon logon. Malicious modification of these files could compromise accounts upon logon.

Check Content

Verify all local initialization files have a mode of "0740" or less permissive with the following command:
	
Note: The example will be for the "disauser" user, who has a home directory of "/home/disauser".
	
$ sudo find /home /root -maxdepth 2 -type f -name ".*" -perm /037 -ls

755 /home/disauser/.somepermissivefile
	
If any local initialization files are returned, this indicates a mode more permissive than "0740", and this is a finding.

Fix Text

Set the mode of the local initialization files to "0740" with the following command:

Note: The example will be for the disauser user, who has a home directory of "/home/disauser".

$ sudo chmod 0740 /home/disauser/.<INIT_FILE>