6.1.11 Ensure no unowned files or directories exist

Information

Sometimes when administrators delete users from the password file they neglect to remove all files owned by those users from the system.

Rationale:

A new user who is assigned the deleted user's user ID or group ID may then end up 'owning' these files, and thus have more access on the system than was intended.

Solution

Locate files that are owned by users or groups not listed in the system configuration files, and reset the ownership of these files to some active user on the system as appropriate.

See Also

https://workbench.cisecurity.org/files/3636

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-3(4), CCI|CCI-002165, CSCv7|13.2, Rule-ID|SV-204463r603261_rule, STIG-ID|RHEL-07-020320

Plugin: Unix

Control ID: 28a080a893ae10d4bcac4f8f21923bd4007341076ffdf429a156546a05250ab3