Information
While the system administrator can establish secure permissions for users' "dot" files, the users can easily override these.
Group or world-writable user configuration files may enable malicious users to steal or modify other users' data or to gain another user's system privileges.
Solution
Correct or justify any items discovered in the Audit step. Determine if any user hidden files are world-readable or writable, and work with those users to determine the best course of action in accordance with site policy.