9.6 Ensure root PATH Integrity - writeable dir in path

Information

The root user can execute any command on the system and could be tricked into executing programs if the PATH is not set correctly.

Including the current working directory (.) or any other writable directory in root's executable path makes it likely that an attacker can gain superuser access by forcing an administrator operating as root to execute a malcode, such as a Trojan horse program.

Solution

Correct or justify any items discovered in the Audit step.

See Also

https://workbench.cisecurity.org/files/611

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6

Plugin: Unix

Control ID: 908c68213f5d26b6753029cd980359178ba755ea995a7b4cf3587e25c0652613