STIGQter: STIG Summary: Oracle Linux 6 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

All public directories must be owned by a system account.

DISA Rule

SV-209039r603263_rule

Vulnerability Number

V-209039

Group Title

SRG-OS-000480

Rule Version

OL6-00-000337

Severity

CAT III

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

All directories in local partitions which are world-writable should be owned by root or another system account.

If any world-writable directories are not owned by a system account, this should be investigated.

Following this, the files should be deleted or assigned to an appropriate group.

Check Contents

The following command will discover and print world-writable directories that are not owned by a system account, given the assumption that only system accounts have a uid lower than 500. Run it once for each local partition [PART]:

# find [PART] -xdev -type d -perm -0002 -uid +500 -print

If there is output, this is a finding.

Vulnerability Number

V-209039

Documentable

False

Rule Version

OL6-00-000337

Severity Override Guidance

The following command will discover and print world-writable directories that are not owned by a system account, given the assumption that only system accounts have a uid lower than 500. Run it once for each local partition [PART]:

# find [PART] -xdev -type d -perm -0002 -uid +500 -print

If there is output, this is a finding.

Check Content Reference

M

Target Key

2928

Comments