{"description": "\nTo properly set the owner of <code>/etc/cron.d</code>, run the command:\n\n  <pre>$ sudo chown root /etc/cron.d </pre>\n  ", "rationale": "Service configuration files enable or disable features of their respective services that if configured incorrectly\ncan lead to insecure and vulnerable configurations. Therefore, service configuration files should be owned by the\ncorrect user to prevent unauthorized changes.", "severity": "medium", "references": {"cis-csc": ["12", "13", "14", "15", "16", "18", "3", "5"], "cobit5": ["APO01.06", "DSS05.04", "DSS05.07", "DSS06.02"], "isa-62443-2009": ["4.3.3.7.3"], "isa-62443-2013": ["SR 2.1", "SR 5.2"], "iso27001-2013": ["A.10.1.1", "A.11.1.4", "A.11.1.5", "A.11.2.1", "A.13.1.1", "A.13.1.3", "A.13.2.1", "A.13.2.3", "A.13.2.4", "A.14.1.2", "A.14.1.3", "A.6.1.2", "A.7.1.1", "A.7.1.2", "A.7.3.1", "A.8.2.2", "A.8.2.3", "A.9.1.1", "A.9.1.2", "A.9.2.3", "A.9.4.1", "A.9.4.4", "A.9.4.5"], "nist": ["CM-6(a)", "AC-6(1)"], "nist-csf": ["PR.AC-4", "PR.DS-5"], "srg": ["SRG-OS-000480-GPOS-00227"], "cis": ["2.4.1.7"], "pcidss4": ["2.2.6", "2.2"]}, "control_references": {"cis": ["2.4.1.7"], "pcidss4": ["2.2.6", "2.2"]}, "components": [], "identifiers": {}, "ocil_clause": "/etc/cron.d does not have an owner of root", "ocil": "To check the ownership of <code>/etc/cron.d</code>,\nrun the command:\n<pre>$ ls -lL /etc/cron.d</pre>\nIf properly configured, the output should indicate the following owner:\n<code>root</code>", "oval_external_content": null, "fixtext": " Change the owner of the directory /etc/cron.d/ to root by running the following command:\n$ sudo chown root /etc/cron.d/", "checktext": "", "vuldiscussion": "", "srg_requirement": " The Ubuntu 22.04 /etc/cron.d directory must be owned by root.", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": ["system_with_kernel"], "cpe_platform_names": [], "inherited_cpe_platform_names": ["system_with_kernel"], "bash_conditional": null, "fixes": {}, "title": "Verify Owner on cron.d", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml", "template": {"name": "file_owner", "vars": {"filepath": "/etc/cron.d/", "uid_or_name": "0"}, "backends": {}}}