6.1.13 Audit SUID executables

Information

There are valid reasons for SUID programs, but it is important to identify and review such programs to ensure they are legitimate.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Ensure that no rogue SUID programs have been introduced into the system. Review the files returned by the action in the Audit section and confirm the integrity of these binaries.

See Also

https://workbench.cisecurity.org/files/1863

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6(8), CSCv6|5.1

Plugin: Unix

Control ID: 7934e8b94bb551faad7a4104f5d0cdf5bbad37293a1ce92007a1c3c447a02eef