6.1.12 Ensure no unowned or ungrouped files or directories exist

Information

Administrators may delete users or groups from the system and neglect to remove all files and/or directories owned by those users or groups.

A new user or group who is assigned a deleted user's user ID or group ID may then end up "owning" a deleted user or group's files, and thus have more access on the system than was intended.

Solution

Remove or set ownership and group ownership of these files and/or directories to an active user on the system as appropriate.

See Also

https://workbench.cisecurity.org/benchmarks/15287

Item Details

Category: ACCESS CONTROL, MEDIA PROTECTION

References: 800-53|AC-3, 800-53|AC-5, 800-53|AC-6, 800-53|MP-2, CSCv7|14.6

Plugin: Unix

Control ID: 810521a413c57875ea3f1907332f87cb6420df37aa8311cf583838c8b97fd448