RHEL 10 must enforce mode "0740" or less permissive for local initialization files.

STIG ID: RHEL-10-400235  |  SRG: SRG-OS-000080-GPOS-00048 |  Severity: medium (CAT II)  |  CCI: CCI-000213 |  Vulnerability Id: V-281064

Vulnerability Discussion

Local initialization files are used to configure the user's shell environment upon login. Malicious modification of these files could compromise accounts upon login.

Check

Verify RHEL 10 is configured so that all local initialization files have a mode of "0740" or less permissive with the following command:

Note: The example will be for the "disauser" user, who has a home directory of "/home/disauser".

$ sudo find /home -maxdepth 2 -type f -name ".*" -exec stat -c "%n %a" {} \; | awk '$2 > 740'
/home/disauser/.bash_profile 770

If any local initialization files are returned, this indicates a mode more permissive than "0740", and this is a finding.

Fix

Configure RHEL 10 so that all local initialization files have a mode of "0740" or less permissive with the following command:

Note: The example will be for the "disauser" user, who has a home directory of "/home/disauser".

$ sudo chmod 0740 /home/disauser/.<INIT_FILE>
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.