{"description": "\nTo properly set the owner of <code>/etc/cron.deny</code>, run the command:\n\n  <pre>$ sudo chown root /etc/cron.deny </pre>\n  ", "rationale": "Service configuration files enable or disable features of their respective services that if configured incorrectly\ncan lead to insecure and vulnerable configurations. Therefore, service configuration files should be owned by the\ncorrect user to prevent unauthorized changes.", "severity": "medium", "references": {"nist": ["CM-6 b"], "srg": ["SRG-OS-000480-GPOS-00227"]}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": "/etc/cron.deny does not have an owner of root", "ocil": "To check the ownership of <code>/etc/cron.deny</code>,\nrun the command:\n<pre>$ ls -lL /etc/cron.deny</pre>\nIf properly configured, the output should indicate the following owner:\n<code>root</code>", "oval_external_content": null, "fixtext": " Change the owner of the file /etc/cron.deny/ to root by running the following command:\n$ sudo chown root /etc/cron.deny/", "checktext": "", "vuldiscussion": "", "srg_requirement": " The Ubuntu 22.04 /etc/cron.deny file must be owned by root.", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": ["system_with_kernel"], "cpe_platform_names": [], "inherited_cpe_platform_names": ["system_with_kernel"], "bash_conditional": null, "fixes": {}, "title": "Verify Owner on cron.deny", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/services/cron_and_at/file_owner_cron_deny/rule.yml", "template": {"name": "file_owner", "vars": {"filepath": "/etc/cron.deny", "uid_or_name": "0"}, "backends": {}}}