Detections
Analytics
GEN002300 - Device files used for backup must only be readable and/or writable by root or the backup user.
Information
System backups could be accidentally or maliciously overwritten and destroy the ability to recover the system if a compromise should occur. Unauthorized users could also copy system files.NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Use the chmod command to remove the world-writable bit from the backup device files.Procedure:
# chmod o-w <back device filename>
Document all changes.
See Also
http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip
Item Details
Category: CONFIGURATION MANAGEMENT
References: 800-53|CM-3f., CAT|III, CCI|CCI-000318, Group-ID|V-925, Rule-ID|SV-37543r3_rule, STIG-ID|GEN002260, Vuln-ID|V-923
Plugin: Unix
Control ID: 40eebfd5e896fff8c5267cd4095c401b36fc05e86319f128239c96ce92a4ccbc