STIGQter: STIG Summary: VMware ESX 3 Server Version: 1 Release: 2 Benchmark Date: 22 Jul 2016: User start-up files must not execute world-writable programs.

DISA Rule

SV-4087r2_rule

Vulnerability Number

V-4087

Group Title

GEN001940

Rule Version

GEN001940

Severity

CAT II

CCI(s)

• CCI-000225 - The organization employs the concept of least privilege, allowing only authorized accesses for users (and processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions.

Weight

10

Fix Recommendation

Remove the world-writable permission of files referenced by local initialization scripts, or remove the references to these files in the local initialization scripts.

Check Contents

Check local initialization files for any executed world-writable programs or scripts.

Procedure:
# more /<usershomedirectory>/.*
# ls -al <program or script>

If any local initialization file executes a world-writable program or script, this is a finding.

Vulnerability Number

V-4087

Documentable

False

Rule Version

GEN001940

Severity Override Guidance

Check local initialization files for any executed world-writable programs or scripts.

Procedure:
# more /<usershomedirectory>/.*
# ls -al <program or script>

If any local initialization file executes a world-writable program or script, this is a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

1386

Comments