STIGQter: STIG Summary: SLES 12 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: SLES 12 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:SV-217182r603262_rule
V-217182
SRG-OS-000480-GPOS-00227
SLES-12-010830
CAT II
10
Change the group of the SUSE operating system world-writable directories to root with the following command:
# chgrp root <directory>
Verify all SUSE operating system world-writable directories are group-owned by root, sys, bin, or an application group.
Check the system for world-writable directories with the following command:
Note: The example below should be repeated for each locally defined partition. The value after -fstype must be replaced with the filesystem type. XFS is used as an example.
# find / -xdev -perm -002 -type d -fstype xfs -exec ls -lLd {} \;
drwxrwxrwt. 2 root root 40 Aug 26 13:07 /dev/mqueue
drwxrwxrwt. 2 root root 220 Aug 26 13:23 /dev/shm
drwxrwxrwt. 14 root root 4096 Aug 26 13:29 /tmp
If any world-writable directories are not owned by root, sys, bin, or an application group associated with the directory, this is a finding.
V-217182
False
SLES-12-010830
Verify all SUSE operating system world-writable directories are group-owned by root, sys, bin, or an application group.
Check the system for world-writable directories with the following command:
Note: The example below should be repeated for each locally defined partition. The value after -fstype must be replaced with the filesystem type. XFS is used as an example.
# find / -xdev -perm -002 -type d -fstype xfs -exec ls -lLd {} \;
drwxrwxrwt. 2 root root 40 Aug 26 13:07 /dev/mqueue
drwxrwxrwt. 2 root root 220 Aug 26 13:23 /dev/shm
drwxrwxrwt. 14 root root 4096 Aug 26 13:29 /tmp
If any world-writable directories are not owned by root, sys, bin, or an application group associated with the directory, this is a finding.
M
4033