>From 6dad1826d96e89e5dfb7610be888ca54626c1515 Mon Sep 17 00:00:00 2001 From: Shawn Wells <[email protected]> Date: Fri, 28 Sep 2012 00:48:20 -0400 Subject: [PATCH 7/8] Signed off on - Signed off on
--- RHEL6/input/system/accounts/session.xml | 11 ++++++----- 1 files changed, 6 insertions(+), 5 deletions(-) diff --git a/RHEL6/input/system/accounts/session.xml b/RHEL6/input/system/accounts/session.xml index fbb5e8d..a6ba3ad 100644 --- a/RHEL6/input/system/accounts/session.xml +++ b/RHEL6/input/system/accounts/session.xml @@ -205,7 +205,7 @@ operator="equals" interactive="0"> </Value> <Rule id="user_umask_bashrc"> -<title>Ensure the Default Bash Umask is Set Correctly</title> +<title>Ensure the Default Bash umask is Set Correctly</title> <description> To ensure the default umask for users of the Bash shell is set properly, add or correct the <tt>umask</tt> setting in <tt>/etc/bashrc</tt> to read @@ -215,7 +215,7 @@ as follows: <rationale>The umask value influences the permissions assigned to files when they are created. A misconfigured umask value could result in files with excessive permissions that can be read and/or written to by unauthorized users.</rationale> -<ocil clause="the umask is configured incorrectly"> +<ocil clause="the above command returns no output, or if the umask is configured incorrectly"> Verify the <tt>umask</tt> setting is configured correctly in the <tt>/etc/bashrc</tt> file by running the following command: <pre># grep "umask" /etc/bashrc</pre> @@ -228,10 +228,11 @@ umask 077</pre> <ident cce="3844-8" /> <oval id="accounts_umask_bash_users" value="umask_user_value"/> <ref nist="CM-6, CM-7" disa="366"/> +<tested by="swells" on="20120929"/> </Rule> <Rule id="user_umask_cshrc"> -<title>Ensure the Default C Shell Umask is Set Correctly</title> +<title>Ensure the Default C Shell umask is Set Correctly</title> <description> To ensure the default umask for users of the C shell is set properly, add or correct the <tt>umask</tt> setting in <tt>/etc/csh.cshrc</tt> to read as follows: @@ -240,7 +241,7 @@ add or correct the <tt>umask</tt> setting in <tt>/etc/csh.cshrc</tt> to read as <rationale>The umask value influences the permissions assigned to files when they are created. A misconfigured umask value could result in files with excessive permissions that can be read and/or written to by unauthorized users.</rationale> -<ocil clause="the umask is configured incorrectly"> +<ocil clause="the above command returns no output, or if the umask is configured incorrectly"> Verify the <tt>umask</tt> setting is configured correctly in the <tt>/etc/csh.cshrc</tt> file by running the following command: <pre># grep "umask" /etc/csh.cshrc</pre> @@ -251,9 +252,9 @@ umask 077</pre> <ident cce="4227-5" /> <oval id="accounts_umask_csh" value="umask_user_value"/> <ref nist="CM-6, CM-7"/> +<tested by="swells" on="20120929"/> </Rule> - <Rule id="user_umask_profile"> <title>Ensure the Default umask is Set Correctly in /etc/profile</title> <description> -- 1.7.1
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
