SV-237612r646799_rule
V-237612
SRG-OS-000259-GPOS-00100
SLES-12-010876
CAT II
10
Configure the system library directories to be protected from unauthorized access. Run the following command:
> sudo find /lib /lib64 /usr/lib /usr/lib64 ! -group root -type d -exec chgrp root '{}' \;
Verify the system-wide library directories "/lib", "/lib64", "/usr/lib" and "/usr/lib64" are group-owned by root.
Check that the system-wide library directories are group-owned by root with the following command:
> sudo find /lib /lib64 /usr/lib /usr/lib64 ! -group root -type d -exec stat -c "%n %G" '{}' \;
If any system wide shared library directory is returned, this is a finding.
V-237612
False
SLES-12-010876
Verify the system-wide library directories "/lib", "/lib64", "/usr/lib" and "/usr/lib64" are group-owned by root.
Check that the system-wide library directories are group-owned by root with the following command:
> sudo find /lib /lib64 /usr/lib /usr/lib64 ! -group root -type d -exec stat -c "%n %G" '{}' \;
If any system wide shared library directory is returned, this is a finding.
M
4033