File: rule.yml

scap-security-guide 0.1.76-1
# Rule definition: /etc/crypttab must be group-owned by root.
#
# The {{{ ... }}} expressions are macro calls rather than literal text. They
# are presumably expanded by the content build before this file is parsed as
# YAML, which is why the single-line ones are wrapped in single quotes.
# Every macro below receives the same file/group pair as the template vars at
# the bottom; keep them in sync if either value is ever changed.

# Presumably marks the rule's prose as finished so it can ship in built
# content; confirm against the project's rule format documentation.
documentation_complete: true

title: Verify Group Who Owns /etc/crypttab File

description: '{{{ describe_file_group_owner(file="/etc/crypttab", group="root") }}}'

# NOTE(review): the rationale speaks of "exclusive control", but this rule is
# given only a path and a group (see template.vars). The file's user owner and
# permission bits are not evaluated here, so group ownership by root limits
# access only in combination with owner and mode checks made elsewhere.
# crypttab entries can name key files, so group members who can read or write
# this file can learn or change how encrypted devices are unlocked.
rationale: |-
    The ownership of the /etc/crypttab file by the root group is important
    because this file hosts encrypted block devices configuration. Protection
    of this file is critical for system security. Assigning the ownership to
    root ensures exclusive control of the encrypted block devices
    configuration.

severity: medium

# One CCE identifier per product; the suffix after "cce@" selects the product.
identifiers:
    cce@rhel8: CCE-86362-1
    cce@rhel9: CCE-86363-9
    cce@rhel10: CCE-88558-2

# Manual-assessment text: ocil_clause appears to state the failing condition
# and ocil the procedure an assessor follows. Both come from the shared
# file_group_owner macros, so the wording is not visible in this file.
ocil_clause: '{{{ ocil_clause_file_group_owner(file="/etc/crypttab", group="root") }}}'

ocil: |-
    {{{ ocil_file_group_owner(file="/etc/crypttab", group="root") }}}

# Remediation and requirement wording, also macro-generated.
fixtext: '{{{ fixtext_file_group_owner(file="/etc/crypttab", group="root") }}}'

srg_requirement: '{{{ srg_requirement_file_group_owner(file="/etc/crypttab", group="root") }}}'

# Binds the rule to the file_groupowner template, which presumably generates
# the automated check and remediation (confirm against the template itself).
# Only the path and the expected group are passed in.
template:
    name: file_groupowner
    vars:
        filepath: /etc/crypttab
        gid_or_name: root