SV-237610r646793_rule
V-237610
SRG-OS-000259-GPOS-00100
SLES-12-010874
CAT II
10
Configure the library files and their respective parent directories to be protected from unauthorized access. Run the following command:
> sudo find /lib /lib64 /usr/lib /usr/lib64 ! -user root -type d -exec chown root '{}' \;
Verify the system-wide shared library directories "/lib", "/lib64", "/usr/lib/" and "/usr/lib64" are owned by root.
Check that the system-wide shared library directories are owned by root with the following command:
> sudo find /lib /lib64 /usr/lib /usr/lib64 ! -user root -type d -exec stat -c "%n %U" '{}' \;
If any system wide library directory is returned, this is a finding.
V-237610
False
SLES-12-010874
Verify the system-wide shared library directories "/lib", "/lib64", "/usr/lib/" and "/usr/lib64" are owned by root.
Check that the system-wide shared library directories are owned by root with the following command:
> sudo find /lib /lib64 /usr/lib /usr/lib64 ! -user root -type d -exec stat -c "%n %U" '{}' \;
If any system wide library directory is returned, this is a finding.
M
4033