RHEL-06-000048 - All system command files must be owned by root - /usr/local/bin/*.

Information

System binaries are executed by privileged users as well as system services, and restrictive permissions are necessary to ensure that their execution of these programs cannot be co-opted.

Solution

System executables are stored in the following directories by default:

/bin
/usr/bin
/usr/local/bin
/sbin
/usr/sbin
/usr/local/sbin

If any file [FILE] in these directories is found to be owned by a user other than root, correct its ownership with the following command:

# chown root [FILE]

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_RHEL_6_V2R2_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-5(6), CAT|II, CCI|CCI-001499, Rule-ID|SV-217886r603264_rule, STIG-ID|RHEL-06-000048, STIG-Legacy|SV-50272, STIG-Legacy|V-38472, Vuln-ID|V-217886

Plugin: Unix

Control ID: f1b0c9a37f4f160b1ac04ff8e207913ba9525c7614e1ea57de0c52a069645fdd