SV-234834r622137_rule
V-234834
SRG-OS-000259-GPOS-00100
SLES-15-010351
CAT II
10
Configure the library files to be protected from unauthorized access. Run the following command:
> sudo find /lib /lib64 /usr/lib /usr/lib64 -perm /022 -type f -exec chmod 755 '{}' \;
Verify the system-wide shared library files contained in the directories "/lib", "/lib64", "/usr/lib", and "/usr/lib64" have mode "0755" or less permissive.
Check that the system-wide shared library files have mode "0755" or less permissive with the following command:
> sudo find /lib /lib64 /usr/lib /usr/lib64 -perm /022 -type f -exec stat -c "%n %a" '{}' \;
If any files are found to be group-writable or world-writable, this is a finding.
V-234834
False
SLES-15-010351
Verify the system-wide shared library files contained in the directories "/lib", "/lib64", "/usr/lib", and "/usr/lib64" have mode "0755" or less permissive.
Check that the system-wide shared library files have mode "0755" or less permissive with the following command:
> sudo find /lib /lib64 /usr/lib /usr/lib64 -perm /022 -type f -exec stat -c "%n %a" '{}' \;
If any files are found to be group-writable or world-writable, this is a finding.
M
5274