STIGQter STIGQter: STIG Summary: Oracle Linux 7 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The Oracle Linux operating system must be configured so that all files and directories contained in local interactive user home directories are owned by the owner of the home directory.

DISA Rule

SV-221732r603260_rule

Vulnerability Number

V-221732

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

OL07-00-020660

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Change the owner of a local interactive user's files and directories to that owner. To change the owner of a local interactive user's files and directories, use the following command:

Note: The example will be for the user smithj, who has a home directory of "/home/smithj".

# chown smithj /home/smithj/<file or directory>

Check Contents

Verify all files and directories in a local interactive user's home directory are owned by the user.

Check the owner of all files and directories in a local interactive user's home directory with the following command:

Note: The example will be for the user "smithj", who has a home directory of "/home/smithj".

# ls -lLR /home/smithj
-rw-r--r-- 1 smithj smithj 18 Mar 5 17:06 file1
-rw-r--r-- 1 smithj smithj 193 Mar 5 17:06 file2
-rw-r--r-- 1 smithj smithj 231 Mar 5 17:06 file3

If any files are found with an owner different than the home directory user, this is a finding.

Vulnerability Number

V-221732

Documentable

False

Rule Version

OL07-00-020660

Severity Override Guidance

Verify all files and directories in a local interactive user's home directory are owned by the user.

Check the owner of all files and directories in a local interactive user's home directory with the following command:

Note: The example will be for the user "smithj", who has a home directory of "/home/smithj".

# ls -lLR /home/smithj
-rw-r--r-- 1 smithj smithj 18 Mar 5 17:06 file1
-rw-r--r-- 1 smithj smithj 193 Mar 5 17:06 file2
-rw-r--r-- 1 smithj smithj 231 Mar 5 17:06 file3

If any files are found with an owner different than the home directory user, this is a finding.

Check Content Reference

M

Target Key

4089

Comments