[PATCH 4/8] Signed off on user_umask_logindefs

Sat, 29 Sep 2012 14:43:07 -0700 

>From e0a65a51cb7404566db3a542bed7c2c3323eceaf Mon Sep 17 00:00:00 2001
From: Shawn Wells <[email protected]>
Date: Fri, 28 Sep 2012 00:24:02 -0400
Subject: [PATCH 4/8] Signed off on user_umask_logindefs
 - Added text for OCIL condition to reflect failure if umask setting is not 
configured at all
 - Signed off on user_umask_logindefs

---
 RHEL6/input/system/accounts/session.xml |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/RHEL6/input/system/accounts/session.xml 
b/RHEL6/input/system/accounts/session.xml
index 694434e..6ca238b 100644
--- a/RHEL6/input/system/accounts/session.xml
+++ b/RHEL6/input/system/accounts/session.xml
@@ -288,7 +288,7 @@ add or correct the <tt>umask</tt> setting in 
<tt>/etc/login.defs</tt> to read as
 <rationale>The umask value influences the permissions assigned to files when 
they are created.
 A misconfigured umask value could result in files with excessive permissions 
that can be read and/or
 written to by unauthorized users.</rationale>
-<ocil clause="the umask is configured incorrectly">
+<ocil clause="the above command returns no output, or if the umask is 
configured incorrectly">
 Verify the <tt>umask</tt> setting is configured correctly in the 
<tt>/etc/login.defs</tt> file by
 running the following command:
 <pre># grep "umask" /etc/login.defs</pre>
@@ -299,6 +299,7 @@ umask 077</pre>
 <ident cce="14107-7" />
 <oval id="accounts_umask_login_defs" value="umask_user_value" />
 <ref nist="CM-6, CM-7"/>
+<tested by="SDW" on="20120929">
 </Rule>
 
 </Group>
-- 
1.7.1


_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide














    











					Reply via email to