DISA STIGS Viewer

The Photon operating system must protect all "sysctl" configuration files from unauthorized access.

Overview

Finding ID Version Rule ID IA Controls Severity
V-256582 PHTN-30-000113 SV-256582r991589_rule   Medium
Description
The "sysctl" configuration file specifies values for kernel parameters to be set on boot. Incorrect or malicious configuration of these parameters can have a negative effect on system security.
STIG Date
VMware vSphere 7.0 vCenter Appliance Photon OS Security Technical Implementation Guide 2024-12-16

Details

Check Text (C-60257r887418_chk)
At the command line, run the following command:

# find /etc/sysctl.conf /etc/sysctl.d/* -xdev -type f -a '(' -perm -002 -o -not -user root -o -not -group root ')' -exec ls -ld {} \;

If any files are returned, this is a finding.
Fix Text (F-60200r887419_fix)
At the command line, run the following commands for each returned file:

# chmod 600 <file>
# chown root:root <file>