The Red Hat Enterprise Linux operating system must be configured so that the cryptographic hash of system files and commands matches vendor values.

From Red Hat Enterprise Linux 7 Security Technical Implementation Guide

Associated with: CCI-000663

SV-86479r3_rule The Red Hat Enterprise Linux operating system must be configured so that the cryptographic hash of system files and commands matches vendor values.

Vulnerability discussion

Without cryptographic integrity protections, system command and files can be altered by unauthorized users without detection.Cryptographic mechanisms used for protecting the integrity of information include, for example, signed hash functions using asymmetric cryptography enabling distribution of the public key to verify the hash information while maintaining the confidentiality of the key used to generate the hash.

Check content

Verify the cryptographic hash of system files and commands match the vendor values. Check the cryptographic hash of system files and commands with the following command: Note: System configuration files (indicated by a "c" in the second column) are expected to change over time. Unusual modifications should be investigated through the system audit log. # rpm -Va | grep '^..5' If there is any output from the command for system files or binaries, this is a finding.

Fix text

Run the following command to determine which package owns the file: # rpm -qf The package can be reinstalled from a yum repository using the command: # sudo yum reinstall Alternatively, the package can be reinstalled from trusted media using the command: # sudo rpm -Uvh

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.