6.2.8 Ensure root path integrity

Information

The root user can execute any command on the system and could be fooled into executing programs unintentionally if the PATH is not set correctly.

Including the current working directory (.) or other writable directory in root 's executable path makes it likely that an attacker can gain superuser access by forcing an administrator operating as root to execute a Trojan horse program.

Solution

Correct or justify any:

- Locations that are not directories
- Empty directories ( :: )
- Trailing ( : )
- Current working directory ( )
- Non root owned directories
- Directories that less restrictive than mode 0755

See Also

https://workbench.cisecurity.org/benchmarks/15286

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7(2)

Plugin: Unix

Control ID: 7e2d2c81e0457844746c5938ade21e60fc563698a3fe778efa737c3549a24804