STIGQter STIGQter: STIG Summary: VMware ESX 3 Server Version: 1 Release: 2 Benchmark Date: 22 Jul 2016: The root account's executable search path must be the vendor default and must contain only absolute paths.

DISA Rule

SV-776r3_rule

Vulnerability Number

V-776

Group Title

GEN000940

Rule Version

GEN000940

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Edit the root user's local initialization files. Change any found PATH variable settings to the vendor's default path for the root user. Remove any empty path entries or references to relative paths.

Check Contents

To view the root user's PATH, log in as the root user, and execute the following.
# env | grep PATH

This variable is formatted as a colon-separated list of directories.

If there is an empty entry, such as a leading or trailing colon or two consecutive colons, this is a finding.

If an entry begins with a character other than a slash (/) or other than "$PATH", it is a relative path and this is a finding.

If directories beyond those in the vendor's default root path are present, this is a finding.

Vulnerability Number

V-776

Documentable

False

Rule Version

GEN000940

Severity Override Guidance

To view the root user's PATH, log in as the root user, and execute the following.
# env | grep PATH

This variable is formatted as a colon-separated list of directories.

If there is an empty entry, such as a leading or trailing colon or two consecutive colons, this is a finding.

If an entry begins with a character other than a slash (/) or other than "$PATH", it is a relative path and this is a finding.

If directories beyond those in the vendor's default root path are present, this is a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

1386

Comments