[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-91418-4

Platform: cpe:/o:apple:mac_os_x:10.11Date: (C)2018-02-22   (M)2023-07-04



Set the Global Umask Setting for the System The default global umask setting must be set to '022' for system processes. The setting '022' ensures that system process created files and directories will only be readable by other users and processes, not writable. This mitigates the risk that unauthorized users might be able to write to files and directories created by system processes. A more restrictive setting could potentially break the normal functionality of the system.


Parameter:

[Umask]


Technical Mechanism:

To view the umask setting, run the following command: umask If the setting is not '0022', this is a finding.

CCSS Severity:CCSS Metrics:
CCSS Score : 8.4Attack Vector: LOCAL
Exploit Score: 2.5Attack Complexity: LOW
Impact Score: 5.9Privileges Required: NONE
Severity: HIGHUser Interaction: NONE
Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: HIGH
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:44004


OVAL    1
oval:org.secpod.oval:def:44004
XCCDF    1
xccdf_org.secpod_benchmark_general_Mac_OS_X_10_11

© SecPod Technologies