STIGQter: STIG Summary: Oracle Linux 7 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The Oracle Linux operating system must be configured so that local initialization files do not execute world-writable programs.

DISA Rule

SV-221739r603260_rule

Vulnerability Number

V-221739

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

OL07-00-020730

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Set the mode on files being executed by the local initialization files with the following command:

# chmod 0755 <file>

Check Contents

Verify that local initialization files do not execute world-writable programs.

Check the system for world-writable files with the following command:

# find / -xdev -perm -002 -type f -exec ls -ld {} \; | more

For all files listed, check for their presence in the local initialization files with the following commands:

Note: The example will be for a system that is configured to create users' home directories in the "/home" directory.

# grep <file> /home/*/.*

If any local initialization files are found to reference world-writable files, this is a finding.

Vulnerability Number

V-221739

Documentable

False

Rule Version

OL07-00-020730

Severity Override Guidance

Verify that local initialization files do not execute world-writable programs.

Check the system for world-writable files with the following command:

# find / -xdev -perm -002 -type f -exec ls -ld {} \; | more

For all files listed, check for their presence in the local initialization files with the following commands:

Note: The example will be for a system that is configured to create users' home directories in the "/home" directory.

# grep <file> /home/*/.*

If any local initialization files are found to reference world-writable files, this is a finding.

Check Content Reference

M

Target Key

4089

Comments