5.1.5 Check Library folder for world writable files

Information

Software sometimes insists on being installed in the /Library Directory and have inappropriate world writable permissions. Folders in /Library should not be world writable. The audit check excludes the /Library/Caches folder where the sticky bit is set.

Solution

Change permissions so that "Others" can only execute. (Example Below) sudo chmod -R o-w /Bad/Directory

See Also

https://workbench.cisecurity.org/files/299

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6

Plugin: Unix

Control ID: ee24098412d71f5579d76cf5543a126a268aa6833eaf2e7fdebeac77c4ca99e2