From 14177a62504b5ffca0b08e89af3ec6221bc395ee Mon Sep 17 00:00:00 2001
From: Matthew Burket
Date: Mon, 16 Sep 2024 16:00:21 -0500
Subject: [PATCH] Change directory_permissions_etc_iptables to 700
---
 .../directory_permissions_etc_iptables/rule.yml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/linux_os/guide/system/network/network-iptables/directory_permissions_etc_iptables/rule.yml b/linux_os/guide/system/network/network-iptables/directory_permissions_etc_iptables/rule.yml
index 95ad950afce..fe8bfe7c1de 100644
--- a/linux_os/guide/system/network/network-iptables/directory_permissions_etc_iptables/rule.yml
+++ b/linux_os/guide/system/network/network-iptables/directory_permissions_etc_iptables/rule.yml
@@ -2,7 +2,7 @@ documentation_complete: true
 title: Verify Permissions On /etc/iptables Directory
-description: '{{{ describe_file_permissions(file="/etc/iptables", perms="0600") }}}'
+description: '{{{ describe_file_permissions(file="/etc/iptables", perms="0700") }}}'
 rationale: |-
 Setting correct permissions on the /etc/iptables directory is important
@@ -17,19 +17,19 @@ identifiers:
 cce@rhel9: CCE-86436-3
 cce@rhel10: CCE-86577-4
-ocil_clause: '{{{ ocil_clause_file_permissions(file="/etc/iptables", perms="0600") }}}'
+ocil_clause: '{{{ ocil_clause_file_permissions(file="/etc/iptables", perms="0700") }}}'
 ocil: |-
- {{{ ocil_file_permissions(file="/etc/iptables", perms="0600") }}}
+ {{{ ocil_file_permissions(file="/etc/iptables", perms="0700") }}}
 platform: package[iptables]
-fixtext: '{{{ fixtext_file_permissions(file="/etc/iptables", mode="0600") }}}'
+fixtext: '{{{ fixtext_file_permissions(file="/etc/iptables", mode="0700") }}}'
-srg_requirement: '{{{ srg_requirement_file_permission(file="/etc/iptables", mode="0600") }}}'
+srg_requirement: '{{{ srg_requirement_file_permission(file="/etc/iptables", mode="0700") }}}'
 template:
 name: file_permissions
 vars:
 filepath: /etc/iptables/
- filemode: '0600'
+ filemode: '0700'
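Review bot: The new `filemode: '0700'` under `template: vars:` at the end of the second hunk is, as far as I know, matched exactly by the `file_permissions` template unless `allow_stricter_permissions` is set. If that holds, hosts already remediated to the previous 0600 would start failing this rule until remediation is re-run. If a tighter mode on `/etc/iptables` should still count as compliant, consider adding `allow_stricter_permissions: "true"` next to `filemode`; otherwise the behaviour change deserves a line in the commit message. Neither the subject line nor the file records why 0700 is the right value, so a short comment above `template:` such as `# 0700: /etc/iptables is a directory, so the owner needs the search (x) bit` would help. Only rule.yml is touched here, so whether any test scenarios for this rule still expect 0600 cannot be checked from this patch.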