SV-237614r646805_rule
V-237614
SRG-OS-000259-GPOS-00100
SLES-12-010878
CAT II
10
Configure the system commands directories to be protected from unauthorized access. Run the following command:
> sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin -perm /022 -type d -exec chmod -R 755 '{}' \;
Verify the system commands directories have mode 0755 or less permissive:
/bin
/sbin
/usr/bin
/usr/sbin
/usr/local/bin
/usr/local/sbin
Check that the system command directories have mode 0755 or less permissive with the following command:
> find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin -perm /022 -type d -exec stat -c "%n %a" '{}' \;
If any directories are found to be group-writable or world-writable, this is a finding.
V-237614
False
SLES-12-010878
Verify the system commands directories have mode 0755 or less permissive:
/bin
/sbin
/usr/bin
/usr/sbin
/usr/local/bin
/usr/local/sbin
Check that the system command directories have mode 0755 or less permissive with the following command:
> find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin -perm /022 -type d -exec stat -c "%n %a" '{}' \;
If any directories are found to be group-writable or world-writable, this is a finding.
M
4033