UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The system boot loader configuration file(s) must be owned by root.


Overview

Finding ID Version Rule ID IA Controls Severity
V-38579 RHEL-06-000065 SV-50380r2_rule Medium
Description
Only root should be able to modify important boot parameters.
STIG Date
Red Hat Enterprise Linux 6 Security Technical Implementation Guide 2018-11-28

Details

Check Text ( C-46137r2_chk )
To check the ownership of "/boot/grub/grub.conf", run the command:

$ ls -lL /boot/grub/grub.conf

If properly configured, the output should indicate that the owner is "root".
If it does not, this is a finding.
Fix Text (F-43527r2_fix)
The file "/boot/grub/grub.conf" should be owned by the "root" user to prevent destruction or modification of the file. To properly set the owner of "/boot/grub/grub.conf", run the command:

# chown root /boot/grub/grub.conf