GEN001540 - All files and directories contained in interactive user's home directories must be owned by the home directory's owner.

Information

If users do not own the files in their directories, unauthorized users may be able to access them. Additionally, if files are not owned by the user, this could be an indication of system compromise.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Change the ownership of files and directories in user's home directories to the owner of the home directory.

Procedure:
# chown accountowner filename
OR
# find /<usershomedirectory> ! -fstype nfs ! -user <username> ! /( -name .login -o -name .cshrc -o -name .logout -o -name .profile -o -name .bash_profile -o -name .bashrc -o -name .env -o -name .dtprofile -o -name .dispatch -o -name .emacs -o -name .exrc ) -exec chown <username> {} ;

See Also

https://iasecontent.disa.mil/stigs/zip/U_AIX_6-1_V1R14_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6, CAT|III, CCI|CCI-000225, Group-ID|V-914, Rule-ID|SV-914r2_rule, STIG-ID|GEN001540, Vuln-ID|V-914

Plugin: Unix

Control ID: f199397e51e42bc1c0bb27610255262731a123f7c43a998fb8f1fcbb4da81f9e