RHEL 9 permissions of cron configuration files and directories must not be modified from the operating system defaults.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-257888 | RHEL-09-232040 | SV-257888r1069378_rule | CCI-000366 | medium |
| Description | ||||
| If the permissions of cron configuration files or directories are modified from the operating system defaults, it may be possible for individuals to insert unauthorized cron jobs that perform unauthorized actions, including potentially escalating privileges. | ||||
| STIG | Date | |||
| Red Hat Enterprise Linux 9 Security Technical Implementation Guide | 2025-05-14 | |||
Related Frameworks
4 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
CM-6
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1712 mappings
3.4.1
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.4.2
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000366
1.00
- DISA · 2 · disa_xccdf · related
Details
Check Text (C-257888r1069378_chk)
Run the following command to verify that the owner, group, and mode of cron configuration files and directories match the operating system defaults:
$ rpm --verify cronie crontabs | awk '! ($2 == "c" && $1 ~ /^.\..\.\.\.\..\./) {print $0}'
If the command returns any output, this is a finding.
Fix Text (F-61553r1069377_fix)
Run the following commands to restore the permissions of cron configuration files and directories to the operating system defaults:
$ sudo dnf reinstall cronie crontabs
$ rpm --setugids cronie crontabs
$ rpm --setperms cronie crontabs