GEN002300 - Device files used for backup must only be readable and/or writable by root or the backup user.

Information

System backups could be accidentally or maliciously overwritten and destroy the ability to recover the system if a compromise should occur. Unauthorized users could also copy system files.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Use the chmod command to remove the world-writable bit from the backup device files.

Procedure:
# chmod o-w <back device filename>

Document all changes.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_5_V2R1_STIG.zip

Item Details

Category: ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|AC-6, 800-53|SC-4, CAT|II, CCI|CCI-000225, CCI|CCI-001090, Rule-ID|SV-218359r603259_rule, STIG-ID|GEN002300, STIG-Legacy|SV-63241, STIG-Legacy|V-925, Vuln-ID|V-218359

Plugin: Unix

Control ID: 7949569606eaf2b3e25612f628df447326647d9f4e9737080b688f79766716cc