6.1.12 Ensure no ungrouped files or directories exist

Information

Sometimes when administrators delete users or groups from the system they neglect to remove all files owned by those users or groups.

Rationale:

A new user who is assigned the deleted user's user ID or group ID may then end up 'owning' these files, and thus have more access on the system than was intended.

Solution

Locate files that are owned by users or groups not listed in the system configuration files, and reset the ownership of these files to some active user on the system as appropriate.

See Also

https://workbench.cisecurity.org/files/3636

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-3(4), CCI|CCI-002165, CSCv7|13.2, Rule-ID|SV-204464r603261_rule, STIG-ID|RHEL-07-020330

Plugin: Unix

Control ID: f18050a9fd6539e71b361638c9b61ac89ceee2c545399dbe79d6f5db770a8fb6