Information
Software sometimes insists on being installed in the /System/Volumes/Data/System Directory and has inappropriate world-writable permissions.
Macs with writable files in System should be investigated forensically. A file with open writable permissions is a sign of at best a rogue application. It could also be a sign of a computer compromise and a persistent presence on the system.
Folders in /System/Volumes/Data/System should not be world-writable. The audit check excludes the "Drop Box" folder that is part of Apple's default user template.
Solution
Run the following command to set permissions so that folders are not world-writable in the /System folder:
% /usr/bin/sudo IFS=$'
'
for sysPermissions in $( /usr/bin/sudo /usr/bin/find /System/Volumes/Data/System -type d -perm -2 | /usr/bin/grep -v "downloadDir" ); do
/bin/chmod -R o-w "$sysPermissions"
done
Impact:
Changing file permissions could disrupt the use of applications that rely on files in the System Folder with vulnerable permissions.