RHEL-07-020900 - The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification - unlabeled_t

Information

If an unauthorized or modified device is allowed to exist on the system, there is the possibility the system may perform unintended or unauthorized operations.

Solution

Run the following command to determine which package owns the device file:

# rpm -qf <filename>

The package can be reinstalled from a yum repository using the command:

# sudo yum reinstall <packagename>

Alternatively, the package can be reinstalled from trusted media using the command:

# sudo rpm -Uvh <packagename>

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_RHEL_7_V3R9_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-3f., 800-53|CM-5(1), 800-53|CM-6c., 800-53|CM-11(2), CAT|II, CCI|CCI-000318, CCI|CCI-000368, CCI|CCI-001812, CCI|CCI-001813, CCI|CCI-001814, Rule-ID|SV-204479r853899_rule, STIG-ID|RHEL-07-020900, STIG-Legacy|SV-86663, STIG-Legacy|V-72039, Vuln-ID|V-204479

Plugin: Unix

Control ID: 8f6cf90b78dc5ac3a2224682319ae47b5628149edce5ebf86d17ea99dda8e189