{"description": "To ensure the root user's umask of the Bash shell is set properly,\nadd or correct the <tt>umask</tt> setting in <tt>/root/.bashrc</tt>\nor <tt>/root/.profile</tt> to read as follows:\n<pre>umask 0027</pre>", "rationale": "The umask value influences the permissions assigned to files when they are created.\nA misconfigured umask value could result in files with excessive permissions that can be read or\nwritten to by unauthorized users.", "severity": "medium", "references": {"cis": ["5.4.2.6"]}, "control_references": {"cis": ["5.4.2.6"]}, "components": [], "identifiers": {}, "ocil_clause": null, "ocil": null, "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": "package[bash]", "platforms": ["package[bash]"], "sce_metadata": {}, "inherited_platforms": ["system_with_kernel"], "cpe_platform_names": ["package_bash"], "inherited_cpe_platform_names": ["system_with_kernel"], "bash_conditional": null, "fixes": {}, "title": "Ensure the Root Bash Umask is Set Correctly", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_root/rule.yml", "template": null}