STIGQter: STIG Summary: SUSE Linux Enterprise Server 15 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: SUSE Linux Enterprise Server 15 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021:SV-234993r622137_rule
V-234993
SRG-OS-000480-GPOS-00227
SLES-15-040090
CAT II
10
Change the mode of SUSE operating system local interactive user's home directories to "0750". To change the mode of a local interactive user's home directory, use the following command:
Note: The example will be for the user "smithj".
> sudo chmod 0750 /home/smithj
Verify the assigned home directory of all SUSE operating system local interactive users has a mode of "0750" or less permissive.
Check the home directory assignment for all non-privileged users on the system with the following command:
Note: This may miss interactive users that have been assigned a privileged User Identifier (UID). Evidence of interactive use may be obtained from a number of log files containing system logon information.
> ls -ld $(awk -F: '($3>=1000)&&($7 !~ /nologin/){print $6}' /etc/passwd)
-rwxr-x--- 1 smithj users 18 Mar 5 17:06 /home/smithj
If home directories referenced in "/etc/passwd" do not have a mode of "0750" or less permissive, this is a finding.
V-234993
False
SLES-15-040090
Verify the assigned home directory of all SUSE operating system local interactive users has a mode of "0750" or less permissive.
Check the home directory assignment for all non-privileged users on the system with the following command:
Note: This may miss interactive users that have been assigned a privileged User Identifier (UID). Evidence of interactive use may be obtained from a number of log files containing system logon information.
> ls -ld $(awk -F: '($3>=1000)&&($7 !~ /nologin/){print $6}' /etc/passwd)
-rwxr-x--- 1 smithj users 18 Mar 5 17:06 /home/smithj
If home directories referenced in "/etc/passwd" do not have a mode of "0750" or less permissive, this is a finding.
M
5274