UCF STIG Viewer Logo

All files and directories contained in user home directories must be group-owned by a group where the home directory's owner is a member.


Overview

Finding ID Version Rule ID IA Controls Severity
V-22351 GEN001550 M6 SV-38215r1_rule ECLP-1 Medium
Description
If a user's files are group-owned by a group where the user is not a member, unintended users may be able to access them.
STIG Date
MAC OSX 10.6 Workstation Security Technical Implementation Guide Draft 2013-01-10

Details

Check Text ( C-37683r1_chk )
Open a terminal session and enter the following commands to view the group ownership of the user’s directories and files.

ls -l /Users (shows users directory)

ls -lL /Users/

If any directory or file is not group owned by the user or a know users group, this is a finding.
Fix Text (F-32922r1_fix)
chgrp