STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide

V-11994

CAT II (Medium)

Crontabs must be owned by root or the crontab creator.

Rule ID

SV-45585r1_rule

STIG

SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide

Version

V1R12

CCIs

CCI-000225

Discussion

To protect the integrity of scheduled system jobs and prevent malicious modification to these jobs, crontab files must be secured.

Check Content

List all crontabs on the system. 

# ls -lL /var/spool/cron /var/spool/cron/tabs


# ls -lL /etc/crontab /etc/cron.{d,daily,hourly,monthly,weekly}
or 
# ls -lL /etc/cron*|grep -v deny

If any crontab is not owned by root or the creating user, this is a finding

Fix Text

Change the crontab owner to root or the crontab creator.

# chown root <crontab file>
or 
# chown <user> <crontab file>