STIGQter: STIG Summary: SUSE Linux Enterprise Server 15 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021:

The SUSE operating system library directories must be owned by root.

DISA Rule

SV-234837r622137_rule

Vulnerability Number

V-234837

Group Title

SRG-OS-000259-GPOS-00100

Rule Version

SLES-15-010354

Severity

CAT II

CCI(s)

• CCI-001499 - The organization limits privileges to change software resident within software libraries.

Weight

10

Fix Recommendation

Configure the library files and their respective parent directories to be protected from unauthorized access. Run the following command:

> sudo find /lib /lib64 /usr/lib /usr/lib64 ! -user root -type d -exec chown root '{}' \;

Check Contents

Verify the system-wide shared library directories "/lib", "/lib64", "/usr/lib/" and "/usr/lib64" are owned by root.

Check that the system-wide shared library directories are owned by root with the following command:

> sudo find /lib /lib64 /usr/lib /usr/lib64 ! -user root -type d -exec stat -c "%n %U" '{}' \;

If any system wide library directory is returned, this is a finding.

Vulnerability Number

V-234837

Documentable

False

Rule Version

SLES-15-010354

Severity Override Guidance

Verify the system-wide shared library directories "/lib", "/lib64", "/usr/lib/" and "/usr/lib64" are owned by root.

Check that the system-wide shared library directories are owned by root with the following command:

> sudo find /lib /lib64 /usr/lib /usr/lib64 ! -user root -type d -exec stat -c "%n %U" '{}' \;

If any system wide library directory is returned, this is a finding.

Check Content Reference

M

Target Key

5274

Comments