File: rule.yml

scap-security-guide 0.1.78-1
# Rule definition: the login banner shown before authentication must be owned
# by root (uid 0). The file is a template; the triple-brace expressions and the
# if/else/endif tags are expanded per product before the YAML is parsed, so
# only one of the two "template:" mappings at the bottom survives rendering.
documentation_complete: true


title: 'Verify ownership of System Login Banner'

# Human-readable description, generated by the describe_file_owner macro for
# /etc/issue with owner root. The same path is used for every product here.
description: |-
    {{{ describe_file_owner(file="/etc/issue", owner="root") }}}

# This rule checks the owner only. Root ownership does not by itself prevent
# modification if the file mode grants write access to group or others.
# NOTE(review): confirm the profiles that select this rule also select the
# corresponding group-owner and permission checks for the same path(s).
rationale: |-
    Display of a standardized and approved use notification before granting
    access to the operating system ensures privacy and security notification
    verbiage used is consistent with applicable federal laws, Executive Orders,
    directives, policies, regulations, standards, and guidance.<br />
    Proper ownership will ensure that only root user can modify the banner.

severity: medium

# Per-product CCE identifiers (key suffix after "@" names the product).
identifiers:
    cce@rhel8: CCE-83718-7
    cce@rhel9: CCE-86700-2
    cce@rhel10: CCE-88544-2
    cce@sle12: CCE-92234-4
    cce@sle15: CCE-91356-6
    cce@slmicro5: CCE-94057-7

# CIS benchmark section numbers; only the SLE 12 and SLE 15 mappings are listed.
references:
    cis@sle12: 1.8.1.5
    cis@sle15: 1.8.1.5

# Manual-audit (OCIL) text, also generated for /etc/issue with owner root.
ocil_clause: '{{{ ocil_clause_file_owner(file="/etc/issue", owner="root") }}}'

ocil: |-
    {{{ ocil_file_owner(file="/etc/issue", owner="root") }}}

# Automated check/remediation is produced from the file_owner template.
# The target path depends on the product being built.
{{%- if product in ['sle15', 'slmicro5'] %}}
# sle15 / slmicro5 branch: the check targets the /etc/issue.d/ directory, not
# /etc/issue, while the description and OCIL text above still name /etc/issue.
# NOTE(review): as written, /etc/issue itself is not listed in this branch, so
# its owner appears to go unverified on these products - confirm this is
# intended, or whether both paths should be covered.
template:
    name: file_owner
    vars:
        filepath: /etc/issue.d/
        # uid 0 is root; quoted so the value stays a string.
        uid_or_name: '0'
        # Presumably matches every file name under the directory, with
        # recursive descending into subdirectories - verify against the
        # file_owner template's handling of these variables.
        file_regex: ^.*$
        # Quoted: passed to the template as the string 'true', not a YAML bool.
        recursive: 'true'
{{%- else %}}
# All other products: check the single file /etc/issue.
template:
    name: file_owner
    vars:
        filepath: /etc/issue
        # uid 0 is root; quoted so the value stays a string.
        uid_or_name: '0'
{{%- endif -%}}