SV-216417r603267_rule
V-216417
SRG-OS-000480
SOL-11.1-070010
CAT II
10
The root role is required.
Ensure that the "sticky bit" is set on any directories identified during the check steps.
# chmod +t [directory name]
The root role is required.
Identify all world-writable directories without the "sticky bit" set.
# find / \( -fstype nfs -o -fstype cachefs -o -fstype autofs \
-o -fstype ctfs -o -fstype mntfs -o -fstype objfs \
-o -fstype proc \) -prune -o -type d \( -perm -0002 \
-a ! -perm -1000 \) -ls
Output of this command identifies world-writable directories without the "sticky bit" set. If output is created, this is a finding.
V-216417
False
SOL-11.1-070010
The root role is required.
Identify all world-writable directories without the "sticky bit" set.
# find / \( -fstype nfs -o -fstype cachefs -o -fstype autofs \
-o -fstype ctfs -o -fstype mntfs -o -fstype objfs \
-o -fstype proc \) -prune -o -type d \( -perm -0002 \
-a ! -perm -1000 \) -ls
Output of this command identifies world-writable directories without the "sticky bit" set. If output is created, this is a finding.
M
4022