Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The system default umask in /etc/login.defs must be 077.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-38645 | RHEL-06-000345 | SV-50446r1_rule | Low |
| Description |
|---|
| The umask value influences the permissions assigned to files when they are created. A misconfigured umask value could result in files with excessive permissions that can be read and/or written to by unauthorized users. |
| STIG | Date |
|---|---|
| Red Hat Enterprise Linux 6 Security Technical Implementation Guide | 2018-11-28 |
Details
| Check Text ( C-46205r1_chk ) |
|---|
| Verify the "umask" setting is configured correctly in the "/etc/login.defs" file by running the following command: # grep -i "umask" /etc/login.defs All output must show the value of "umask" set to 077, as shown in the below: # grep -i "umask" /etc/login.defs UMASK 077 If the above command returns no output, or if the umask is configured incorrectly, this is a finding. |
| Fix Text (F-43594r1_fix) |
|---|
| To ensure the default umask controlled by "/etc/login.defs" is set properly, add or correct the "umask" setting in "/etc/login.defs" to read as follows: UMASK 077 |