The sticky bit must be set on all public directories.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-58431 | AOSX-09-001120 | SV-72861r1_rule | Medium |
| Description |
|---|
| The sticky bit must be set on all public directories, as it prevents users with write access to the directory from deleting or renaming files that belong to other users inside it. |
| STIG | Date |
|---|---|
| Apple OS X 10.9 (Mavericks) Workstation Security Technical Implementation Guide | 2017-01-05 |
Details
| Check Text ( C-59257r1_chk ) |
|---|
| Run the following command to view all world-writable directories that have the sticky bit set: sudo find / -type d \( -perm -0002 -a ! -perm -1000 \) If anything is returned, this is a finding. |
| Fix Text (F-63745r1_fix) |
|---|
| Run the following command to set the sticky bit on all world-writable directories: sudo find / -type d \( -perm -0002 -a ! -perm -1000 \) -exec chmod +t {} \; |