[Docs] Exception for user init file umask

Changing user initialization files in their home directories can be
disruptive. This patch adds docs to explain that.

Implements: blueprint security-rhel7-stig
Change-Id: I4ea76bc0bb27723788d9c0425f45b0b39aceea82

doc/metadata/rhel7/RHEL-07-021060.rst

@@ -1,7 +1,13 @@
 ---
 id: RHEL-07-021060
-status: not implemented
-tag: misc
+status: exception - manual intervention
+tag: file_perms
 ---
 
-This STIG requirement is not yet implemented.
+Although the STIG requires that all local interactive user accounts have a
+umask of ``077``, this change can be disruptive for users and the applications
+they run. This change cannot be applied in an automated way.
+
+Deployers should review user initialization files regularly to ensure that the
+umask is not specified. This allows the system-wide setting of ``077`` to be
+applied to all user sessions.