
All files and directories contained in user home directories must have mode 0750 or less permissive.


Overview

Finding ID: V-915
Version: GEN001560
Rule ID: SV-915r6_rule
IA Controls: ECLP-1
Severity: Low
Description
Excessive permissions allow unauthorized access to user files.
STIG Date
Draft AIX Security Technical Implementation Guide 2011-08-17

Details

Check Text (C-431r3_chk)
For each user in the /etc/passwd file, check for files and directories with a mode more permissive than 0750.

Procedure:
# find / ! -fstype nfs ! \( -name .login -o -name .cshrc -o -name .logout -o -name .profile -o -name .bash_profile -o -name .bashrc -o -name .env -o -name .dtprofile -o -name .dispatch -o -name .emacs -o -name .exrc \) \( -perm -0001 -o -perm -0002 -o -perm -0004 -o -perm -0020 -o -perm -2000 -o -perm -4000 \) -exec ls -ld {} \;

If user home directories contain files or directories more permissive than 0750, this is a finding.
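
The check text asks for a pass over each user in /etc/passwd, while the procedure's command starts from /. As an added example (not part of the STIG text), the sh function below reads home directories from a passwd-format file and applies the procedure's name exclusions and -perm tests to each one. The function name, the user/path output format, and the choices to skip symbolic links and a home directory of / are assumptions made here.

```shell
#!/bin/sh
# Added example: per-user audit of home directory contents against mode 0750.
# audit_home_modes, its output format and the skip rules are assumptions.

# audit_home_modes [PASSWD_FILE]
# Prints "user<TAB>path" for every file or directory under a listed home
# directory that has any of the permission bits the check procedure tests.
audit_home_modes() {
    passwd_file=${1:-/etc/passwd}

    # passwd fields: name:password:uid:gid:gecos:home:shell
    while IFS=: read -r user pw uid gid gecos home shell; do
        # Skip entries whose home is empty, missing, or "/" (scanning "/"
        # would report system files that are outside the scope of this rule).
        [ -n "$home" ] && [ "$home" != "/" ] && [ -d "$home" ] || continue

        # ! -fstype nfs : local file systems only, as in the procedure.
        # ! -type l     : a symbolic link's own mode bits are not what grants
        #                 access to its target, so links are skipped (assumption).
        # -name list    : local initialization files named in the procedure.
        # -perm list    : other r/w/x, group write, setgid, setuid.
        find "$home" ! -fstype nfs ! -type l \
            ! \( -name .login -o -name .cshrc -o -name .logout \
                 -o -name .profile -o -name .bash_profile -o -name .bashrc \
                 -o -name .env -o -name .dtprofile -o -name .dispatch \
                 -o -name .emacs -o -name .exrc \) \
            \( -perm -0001 -o -perm -0002 -o -perm -0004 \
               -o -perm -0020 -o -perm -2000 -o -perm -4000 \) \
            -print </dev/null |
        while IFS= read -r path; do
            printf '%s\t%s\n' "$user" "$path"
        done
    done < "$passwd_file"
}

# Usage (as root): audit_home_modes /etc/passwd
```
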
Fix Text (F-1069r3_fix)
Change the mode of files and directories within user home directories to 0750.

Procedure:
# chmod 0750 filename

Document all changes.