STIGQter: STIG Summary: Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 Mar 2021:

The Ubuntu operating system library directories must be owned by root.

DISA Rule

SV-238350r654225_rule

Vulnerability Number

V-238350

Group Title

SRG-OS-000259-GPOS-00100

Rule Version

UBTU-20-010429

Severity

CAT II

CCI(s)

• CCI-001499 - The organization limits privileges to change software resident within software libraries.

Weight

10

Fix Recommendation

Configure the library files and their respective parent directories to be protected from unauthorized access. Run the following command:

$ sudo find /lib /usr/lib /lib64 ! -user root -type d -exec chown root '{}' \;

Check Contents

Verify the system-wide shared library directories "/lib", "/lib64", and "/usr/lib" are owned by root with the following command:

$ sudo find /lib /usr/lib /lib64 ! -user root -type d -exec stat -c "%n %U" '{}' \;

If any system-wide library directory is returned, this is a finding.

Vulnerability Number

V-238350

Documentable

False

Rule Version

UBTU-20-010429

Severity Override Guidance

Verify the system-wide shared library directories "/lib", "/lib64", and "/usr/lib" are owned by root with the following command:

$ sudo find /lib /usr/lib /lib64 ! -user root -type d -exec stat -c "%n %U" '{}' \;

If any system-wide library directory is returned, this is a finding.

Check Content Reference

M

Target Key

5318

Comments