{"description": "Set the mode of the bash history file to <tt>0600</tt> with the\nfollowing command:\n<pre>$ sudo chmod 0600 /home/<i>USER</i>/.bash_history</pre>", "rationale": "Incorrect permissions may enable malicious users to recover\nother users' command history.", "severity": "medium", "references": {"cis": ["7.2.10"]}, "control_references": {"cis": ["7.2.10"]}, "components": [], "identifiers": {}, "ocil_clause": "file is not 0600 or more permissive", "ocil": "To verify that .bash_history has a mode of <tt>0600</tt> or\nless permissive, run the following command:\n<pre>$ sudo find /home -type f -name '\\.bash_history' -perm /0177</pre>\nThere should be no output.", "oval_external_content": null, "fixtext": "Set the mode of the bash history file to \"0600\" with the following command:\n\nNote: The example will be for the smithj user, who has a home directory of \"/home/smithj\".\n\n$ sudo chmod 0600 /home/smithj/.bash_history", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": [], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Ensure User Bash History File Has Correct Permissions", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/accounts/accounts-session/file_permission_user_bash_history/rule.yml", "template": null}