The Photon operating system must set the "umask" parameter correctly.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
---|---|---|---|---|---|---|
medium | V-256583 | SRG-OS-000480-GPOS-00228 | PHTN-30-000114 | SV-256583r991590_rule | 2024-12-16 | 1 |
Description |
---|
The "umask" value influences the permissions assigned to files when they are created. The "umask" setting in "login.defs" controls the permissions for a new user's home directory. By setting the proper "umask", home directories will only allow the new user to read and write files there. |
ℹ️ Check |
---|
At the command line, run the following command: # grep ^UMASK /etc/login.defs Example result: UMASK 077 If "UMASK" is not configured to "077", this is a finding. Note: "UMASK" should only be specified once in login.defs. |
✔️ Fix |
---|
Navigate to and open: /etc/login.defs Ensure the "UMASK" line is uncommented and set to the following: UMASK 077 |
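
The check above, scripted so that it also catches the commented-out and duplicate-entry cases the note warns about. This is an added example, not part of the STIG text; the function name check_umask and the sample files are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a login.defs-style file against the check above.
# check_umask FILE returns 0 when compliant, 1 when the result is a finding.
check_umask() {
    file=$1
    # Active (uncommented) UMASK lines only, like the page's grep ^UMASK.
    lines=$(grep -E '^UMASK[[:space:]]' "$file" 2>/dev/null || true)
    count=$(printf '%s\n' "$lines" | grep -c . || true)
    if [ "$count" -eq 0 ]; then
        echo "FINDING: no active UMASK line in $file"; return 1
    fi
    if [ "$count" -gt 1 ]; then
        echo "FINDING: UMASK specified $count times in $file"; return 1
    fi
    # Exactly one active line: the second field is the configured mask.
    value=$(printf '%s\n' "$lines" | awk '{print $2}')
    if [ "$value" != "077" ]; then
        echo "FINDING: UMASK is \"$value\", expected 077"; return 1
    fi
    echo "OK: UMASK 077 set once in $file"
}

# Constructed sample files (not taken from a real system).
demo() {
    dir=$(mktemp -d)
    printf 'UMASK 077\n'            > "$dir/good"
    printf '#UMASK 077\n'           > "$dir/commented"
    printf 'UMASK 022\n'            > "$dir/weak"
    printf 'UMASK 077\nUMASK 022\n' > "$dir/duplicate"
    for f in good commented weak duplicate; do
        check_umask "$dir/$f" || true
    done
    rm -rf "$dir"
}
demo
```

To audit a live system, call check_umask /etc/login.defs in place of demo.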