iCompaas Support

Profile Applicability:
 • Level 1

Description:
 The /etc/motd (Message of the Day) file displays system messages to users upon login. Properly configuring access to this file prevents unauthorized modification or viewing of sensitive information, which could be exploited for social engineering or system reconnaissance.

Rationale:
 Restricting access to /etc/motd ensures that only authorized users can read or modify the message, maintaining message integrity and reducing information disclosure risks.

Impact:
 Pros:

• Protects the integrity and confidentiality of login messages.
  

• Prevents unauthorized users from modifying system messages.
  

Cons:

• Overly restrictive permissions might prevent legitimate users from viewing the message.
  

Default Value:
 By default, /etc/motd is typically world-readable but owned by root.

Pre-requisites:

• Root or sudo privileges to modify file permissions.
  

Remediation:

Test Plan:

Using Linux command line:

1. Check current permissions and ownership of /etc/motd:
   

   ls -l /etc/motd

   
   

2. Verify that the file is owned by root and permissions are appropriately restrictive (e.g., 644).
   

Implementation Plan:

Using Linux command line:

1. Set ownership to root:

chown root:root /etc/motd

2. Set permissions to restrict access:

chmod 644 /etc/motd

Backout Plan:

Using Linux command line:

1. Restore previous ownership and permissions if necessary (backup recommended).
   

2. Inform users if access changes impact usability.
   

References:

• CIS Amazon Linux 2 Benchmark v3.0.0
  

• Linux man page: motd