GEN001550 - Files and directories in user home directories must be group-owned by a group of which the home directory's owner is a member.

Information

If users do not own the files in their directories, unauthorized users may be able to access them. Additionally, if files are not owned by the user, this could be an indication of system compromise.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Change the ownership of files and directories in user home directories to the owner of the home directory.

Procedure:
# chown accountowner filename

See Also

http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6, CAT|III, CCI|CCI-000225, Group-ID|V-22351, Rule-ID|SV-37175r1_rule, STIG-ID|GEN001540, Vuln-ID|V-914

Plugin: Unix

Control ID: 42945ebf087197a2d8eb337acf9c661b4fb2a738db5d73f6a6e6a740ac6c9c11