The TOSS 5 cron configuration files directory must be owned by root.

Overview

Finding IDVersionRule IDIA ControlsSeverity
V-282667TOSS-05-000183SV-282667r1200981_ruleCCI-000366medium
Description
Service configuration files enable or disable features of their respective services that if configured incorrectly can lead to insecure and vulnerable configurations; therefore, service configuration files must be owned by the correct group to prevent unauthorized changes.
STIGDate
Tri-Lab Operating System Stack (TOSS) 5 Security Technical Implementation Guide2026-04-01

Details

Check Text (C-282667r1200981_chk)

Verify the ownership of all cron configuration files with the command: $ stat -c "%U %n" /etc/cron* root /etc/cron.d root /etc/cron.daily root /etc/cron.deny root /etc/cron.hourly root /etc/cron.monthly root /etc/crontab root /etc/cron.weekly If any crontab is not owned by root, this is a finding.

Fix Text (F-87133r1200980_fix)

Configure any cron configuration not owned by root using the following command: $ sudo chown root [cron config file]