STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 4 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide

V-11994

CAT II (Medium)

Crontabs must be owned by root or the crontab creator.

Rule ID

SV-45585r1_rule

STIG

SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide

Version

V1R12

CCIs

CCI-000225

Discussion

To protect the integrity of scheduled system jobs and prevent malicious modification to these jobs, crontab files must be secured.

Check Content

List all crontabs on the system. 

# ls -lL /var/spool/cron /var/spool/cron/tabs


# ls -lL /etc/crontab /etc/cron.{d,daily,hourly,monthly,weekly}
or 
# ls -lL /etc/cron*|grep -v deny

If any crontab is not owned by root or the creating user, this is a finding

Fix Text

Change the crontab owner to root or the crontab creator.

# chown root <crontab file>
or 
# chown <user> <crontab file>