STIGhubSTIGhub
STIGhub— A free STIG search and compliance tool·STIGs updated just now
Powered by Pylon·Privacy·Terms·Feedback·© 2026 Beacon Cloud Solutions, Inc.
← Back to Red Hat Enterprise Linux 9 Security Technical Implementation Guide

V-257888

CAT II (Medium)

RHEL 9 permissions of cron configuration files and directories must not be modified from the operating system defaults.

Rule ID

SV-257888r1208771_rule

STIG

Red Hat Enterprise Linux 9 Security Technical Implementation Guide

Version

V2R9

CCIs

CCI-000366

Discussion

If the permissions of cron configuration files or directories are modified from the operating system defaults, it may be possible for individuals to insert unauthorized cron jobs that perform unauthorized actions, including potentially escalating privileges.

Check Content

Run the following command to verify that the owner, group, and mode of cron configuration files and directories match the operating system defaults:

$ rpm --verify cronie crontabs | awk '! ($2 == "c" && $1 ~ /^.\..\.\.\.\..\./) {print $0}'

If the command returns any output, this is a finding.

Fix Text

Run the following commands to restore the permissions of cron configuration files and directories to the operating system defaults:

$ sudo dnf reinstall cronie crontabs
$ rpm --setugids cronie crontabs
$ rpm --setperms cronie crontabs