STIGQter: STIG Summary: Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The Ubuntu operating system library directories must be owned by root.

DISA Rule

SV-219201r610963_rule

Vulnerability Number

V-219201

Group Title

SRG-OS-000259-GPOS-00100

Rule Version

UBTU-18-010136

Severity

CAT II

CCI(s)

• CCI-001499 - The organization limits privileges to change software resident within software libraries.

Weight

10

Fix Recommendation

Configure the library files and their respective parent directories to be protected from unauthorized access. Run the following command:

# sudo find /lib /usr/lib /lib64 ! -user root -type d -exec chown root '{}' \;

Check Contents

Verify the system-wide shared library directories "/lib", "/lib64" and "/usr/lib" are owned by root.

Check that the system-wide shared library directories are owned by root with the following command:

# sudo find /lib /usr/lib /lib64 ! -user root -type d -exec stat -c "%n %U" '{}' \;

If any system wide library directory is returned, this is a finding.

Vulnerability Number

V-219201

Documentable

False

Rule Version

UBTU-18-010136

Severity Override Guidance

Verify the system-wide shared library directories "/lib", "/lib64" and "/usr/lib" are owned by root.

Check that the system-wide shared library directories are owned by root with the following command:

# sudo find /lib /usr/lib /lib64 ! -user root -type d -exec stat -c "%n %U" '{}' \;

If any system wide library directory is returned, this is a finding.

Check Content Reference

M

Target Key

4055

Comments