83fe89e0c8
Changing user initialization files in their home directories can be disruptive. This patch adds docs to explain that. Implements: blueprint security-rhel7-stig Change-Id: I4ea76bc0bb27723788d9c0425f45b0b39aceea82
486 B
486 B
---id: RHEL-07-021060 status: exception - manual intervention tag: file_perms ---
Although the STIG requires that all local interactive user accounts
have a umask of 077, this change can be disruptive for
users and the applications they run. This change cannot be applied in an
automated way.
Deployers should review user initialization files regularly to ensure
that the umask is not specified. This allows the system-wide setting of
077 to be applied to all user sessions.