{"description": " To properly set the permissions of <code>/etc/crypttab</code>, run the command: <pre>$ sudo chmod 0600 /etc/crypttab</pre>", "rationale": "Setting correct permissions on the /etc/crypttab file is important\nbecause this file hosts encrypted block devices configuration. Protection\nof this file is critical for system security. Assigning the ownership to\nroot ensures exclusive control of the encrypted block devices\nconfiguration.", "severity": "medium", "references": {"anssi": ["R50"]}, "control_references": {"anssi": ["R50"]}, "components": [], "identifiers": {}, "ocil_clause": "/etc/crypttab does not have unix mode 0600", "ocil": "To check the permissions of <code>/etc/crypttab</code>,\nrun the command:\n<pre>$ ls -l /etc/crypttab</pre>\nIf properly configured, the output should indicate the following permissions:\n<code>0600</code>", "oval_external_content": null, "fixtext": " Configure the \"/etc/crypttab\" file to \"0600\" by running the following command:\n$ sudo chmod 0600 /etc/crypttab", "checktext": "", "vuldiscussion": "", "srg_requirement": " The Ubuntu 22.04 /etc/crypttab file must have mode 0600 or less permissive to prevent unauthorized access.", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": "system_with_kernel", "platforms": ["system_with_kernel"], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": ["system_with_kernel"], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Verify Permissions On /etc/crypttab File", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/permissions/files/file_permissions_etc_crypttab/rule.yml", "template": {"name": "file_permissions", "vars": {"filepath": "/etc/crypttab", "filemode": "0600"}, "backends": {}}}