SV-226532r603265_rule
V-226532
SRG-OS-000480
GEN001540
CAT III
10
Change the ownership of files and directories in user's home directories to the owner of the home directory.
Procedure:
# chown accountowner filename
OR
# find /<usershomedirectory> ! -fstype nfs ! -user <username> ! /( -name .login -o -name .cshrc -o -name .logout -o -name .profile -o -name .bash_profile -o -name .bashrc -o -name .env -o -name .dtprofile -o -name .dispatch -o -name .emacs -o -name .exrc \) -exec chown <username> {} \;
For each user in the /etc/passwd file, check for the presence of files and directories within the user's home directory not owned by the home directory owner or root.
Procedure:
# cut -d : -f 6 /etc/passwd | xargs -n1 -IDIR ls -alLR DIR | more
OR
# find /<usershomedirectory> ! -fstype nfs ! -user <username> -exec ls -ld {} \; | more
If user's home directories contain files or directories not owned by the home directory owner or root, this is a finding.
V-226532
False
GEN001540
For each user in the /etc/passwd file, check for the presence of files and directories within the user's home directory not owned by the home directory owner or root.
Procedure:
# cut -d : -f 6 /etc/passwd | xargs -n1 -IDIR ls -alLR DIR | more
OR
# find /<usershomedirectory> ! -fstype nfs ! -user <username> -exec ls -ld {} \; | more
If user's home directories contain files or directories not owned by the home directory owner or root, this is a finding.
M
4060