← Rules Catalog
highfilesystemverified rollback-safe

Set permissions on cron directories and files

cron-permissions · RHEL ≥ 8 · 1 impl

Description

The /etc/crontab file and cron directories (/etc/cron.d, /etc/cron.hourly, /etc/cron.daily, /etc/cron.weekly, /etc/cron.monthly) must have restrictive permissions to prevent unauthorized modification of scheduled tasks.

Rationale

Cron jobs run with the privileges specified in the crontab or as root for system cron directories. Unauthorized modification of these files could allow privilege escalation or persistent backdoor access.

Check → Remediate

Checkcomposed · 6 sub-checks (all must pass)
1. file_permission:
path=/etc/crontab mode=0600 owner=root group=root
2. file_permission:
path=/etc/cron.d mode=0700 owner=root group=root
3. file_permission:
path=/etc/cron.hourly mode=0700 owner=root group=root
4. file_permission:
path=/etc/cron.daily mode=0700 owner=root group=root
5. file_permission:
path=/etc/cron.weekly mode=0700 owner=root group=root
6. file_permission:
path=/etc/cron.monthly mode=0700 owner=root group=root
Remediatefile_permissions
path:
/etc/crontab
mode:
0600
owner:
root
group:
root

Framework references

CIS

rhel9 2.4.1.2rhel8 2.4.1.2rhel10 2.4.1.2

NIST 800-53

AC-6CM-6

Live verification

rhel10:checkrhel8:checkrhel9:check
#cron#permissions#security#hardening