6.1.12 Ensure no unowned or ungrouped files or directories exist

Information

Administrators may delete users or groups from the system and neglect to remove all files and/or directories owned by those users or groups.

A new user or group who is assigned a deleted user's user ID or group ID may then end up "owning" a deleted user or group's files, and thus have more access on the system than was intended.

Solution

Remove or set ownership and group ownership of these files and/or directories to an active user on the system as appropriate.
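An added example, not part of the benchmark or of the audit plugin: a Python script that walks a single filesystem and reports every entry whose UID or GID resolves to no account, which is the condition this item describes. The names `find_orphans` and `_exists` and the injectable `uid_exists`/`gid_exists` parameters are this example's own assumptions; the default lookups use the standard `pwd` and `grp` modules.

```python
import grp
import os
import pwd
import sys


def _exists(lookup, ident):
    try:
        lookup(ident)  # pwd/grp resolve through NSS, so directory accounts count
        return True
    except KeyError:
        return False


def find_orphans(root, uid_exists=lambda u: _exists(pwd.getpwuid, u),
                 gid_exists=lambda g: _exists(grp.getgrgid, g)):
    """Return sorted (path, uid, gid, reason) for entries with no account."""
    root_dev, hits = os.lstat(root).st_dev, []
    known_u, known_g = {}, {}  # cache: most files share a handful of IDs
    def check(path, st):
        if st.st_uid not in known_u:
            known_u[st.st_uid] = uid_exists(st.st_uid)
        if st.st_gid not in known_g:
            known_g[st.st_gid] = gid_exists(st.st_gid)
        reason = [n for n, ok in (("unowned", known_u[st.st_uid]),
                                  ("ungrouped", known_g[st.st_gid])) if not ok]
        if reason:
            hits.append((path, st.st_uid, st.st_gid, "+".join(reason)))
    check(root, os.lstat(root))
    for dirpath, dirnames, filenames in os.walk(root):
        keep = []
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: judge a symlink itself, not its target
            except OSError:
                continue  # entry vanished or is unreadable
            if st.st_dev != root_dev:
                continue  # other filesystem: skip it
            check(path, st)
            keep.append(name)
        # do not descend into directories that were skipped above
        dirnames[:] = [d for d in dirnames if d in keep]
    return sorted(hits)


if __name__ == "__main__":
    found = find_orphans(sys.argv[1] if len(sys.argv) > 1 else "/")
    for path, uid, gid, reason in found:
        print(f"{reason}\t{uid}:{gid}\t{path}")
    sys.exit(1 if found else 0)
```

Each reported path can then be removed or reassigned to an active user and group, as the solution above states.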

See Also

https://workbench.cisecurity.org/benchmarks/15288

Item Details

Category: ACCESS CONTROL, MEDIA PROTECTION

References: 800-53|AC-3, 800-53|AC-5, 800-53|AC-6, 800-53|MP-2, CSCv7|14.6

Plugin: Unix

Control ID: c4fa2bec10c101db685cea53055ea3b554734fdf4c630606da4455f3d3421831