SV-238347r654216_rule
V-238347
SRG-OS-000259-GPOS-00100
UBTU-20-010426
CAT II
10
Configure the library files to be protected from unauthorized access. Run the following command:
$ sudo find /lib /lib64 /usr/lib -perm /022 -type f -exec chmod 755 '{}' \;
Verify the system-wide shared library files contained in the directories "/lib", "/lib64", and "/usr/lib" have mode 0755 or less permissive with the following command:
$ sudo find /lib /lib64 /usr/lib -perm /022 -type f -exec stat -c "%n %a" '{}' \;
/usr/lib64/pkcs11-spy.so
If any files are found to be group-writable or world-writable, this is a finding.
V-238347
False
UBTU-20-010426
Verify the system-wide shared library files contained in the directories "/lib", "/lib64", and "/usr/lib" have mode 0755 or less permissive with the following command:
$ sudo find /lib /lib64 /usr/lib -perm /022 -type f -exec stat -c "%n %a" '{}' \;
/usr/lib64/pkcs11-spy.so
If any files are found to be group-writable or world-writable, this is a finding.
M
5318