The Photon operating system must define default permissions for all authenticated users in such a way that the user can only read and modify their own files.
| Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-258856 | SRG-OS-000480-GPOS-00228 | PHTN-40-000187 | SV-258856r991590_rule | 2024-07-11 | 2 |
| Description |
|---|
| Setting the most restrictive default permissions ensures that when new accounts are created they do not have unnecessary access. |
| ℹ️ Check |
|---|
| At the command line, run the following command to verify the default umask configuration: `# grep '^UMASK' /etc/login.defs` Expected result: `UMASK 077` If the "UMASK" option is not set to "077", is missing or commented out, this is a finding. |
| ✔️ Fix |
|---|
| Navigate to and open: `/etc/login.defs` Add or update the following line: `UMASK 077` |
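
The check above as a scriptable audit, added here as an example and not part of the STIG text: `check_umask` (a hypothetical helper name) applies the same `^UMASK` anchor to a login.defs-style file and reports the missing or commented-out case and the wrong-value case separately. Treating any non-`077` line as a finding when several UMASK lines are present is an assumption of this example, and the sample files are constructed.

```shell
#!/bin/sh
# Added example: audit the UMASK setting in a login.defs-style file.
# Usage: check_umask [FILE]   (FILE defaults to /etc/login.defs)
# Prints "PASS: ..." or "FINDING: ..." and returns 0 (pass) or 1 (finding).
check_umask() {
    file=${1:-/etc/login.defs}
    [ -r "$file" ] || { echo "FINDING: cannot read $file"; return 1; }
    awk '
        # Same anchor as the check text: the line must start with UMASK, so
        # "#UMASK 077" does not count, and neither does a longer key name.
        /^UMASK([ \t]|$)/ {
            seen = 1
            if ($2 != "077") {          # string comparison, so "77" or "0077" fail
                bad = ($2 == "" ? "(no value)" : $2)
                exit                    # jump to END with the offending value
            }
        }
        END {
            if (!seen) {
                print "FINDING: UMASK is missing or commented out"
                exit 1
            }
            if (bad != "") {
                print "FINDING: UMASK is " bad ", expected 077"
                exit 1
            }
            print "PASS: UMASK 077"
        }
    ' "$file"
}

# Constructed sample files covering the cases named in the check text.
demo_dir=$(mktemp -d)
printf 'UMASK\t\t077\n'     > "$demo_dir/compliant"
printf 'UMASK 022\n'        > "$demo_dir/permissive"
printf '#UMASK 077\n'       > "$demo_dir/commented"
printf 'PASS_MAX_DAYS 90\n' > "$demo_dir/missing"
for f in compliant permissive commented missing; do
    printf '%-11s ' "$f"
    check_umask "$demo_dir/$f"
done
rm -rf "$demo_dir"
```
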