The sticky bit must be set on all public directories on AIX systems.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-215341	AIX7-00-003035	SV-215341r508663_rule		Medium

Description
Failing to set the sticky bit on public directories allows unauthorized users to delete files in the directory structure. The only authorized public directories are those temporary directories supplied with the system, or those designed to be temporary file repositories. The setting is normally reserved for directories used by the system, and by users for temporary file storage - such as /tmp - and for directories requiring global read/write access.

Description

Failing to set the sticky bit on public directories allows unauthorized users to delete files in the directory structure. The only authorized public directories are those temporary directories supplied with the system, or those designed to be temporary file repositories. The setting is normally reserved for directories used by the system, and by users for temporary file storage - such as /tmp - and for directories requiring global read/write access.

STIG	Date
IBM AIX 7.x Security Technical Implementation Guide	2022-06-06

Details

Check Text ( C-16539r294474_chk )
Verify all world-writable directories have the sticky bit set by running the command: # find / -type d -perm -002 ! -perm -1000 > wwlist # cat wwlist If any directories are listed in the "wwlist" file, this is a finding.

Fix Text (F-16537r294475_fix)
Set the sticky bit on all public directories, such as: # chmod 1777 /tmp (Replace /tmp with the public directory missing the sticky bit, if necessary.)