Information
The system is audited for group writable files.
Rationale:
An audit should be performed on the system to search for the presence of group writable files.
In an extreme case - where this permission is required - the file needs to be added to the TSD and audit configurations.
The preference is no group writeable files.
Solution
Review the currently mounted local filesystems using the following to find all group writable files on local JFS/JFS2 filesystems only:
find / ( -fstype jfs -o -fstype jfs2 ) -type f -perm -g+w -ls
Remedy any files in the list, e.g., chmod g-w {filename}
Document any files, and motivate why they are group writeable, and also add documentation re: when/why this exception ceases.
Default Value:
N/A
Additional Information:
The audit procedure does not verify remote file systems (e.g., NFS). The expectation is that these are being audited on the file (e.g., NFS) server - rather than on all clients.