UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

All files and directories contained in user home directories must be group-owned by a group where the home directory's owner is a member.


Overview

Finding ID Version Rule ID IA Controls Severity
V-22351 GEN001550 M6 SV-38215r1_rule ECLP-1 Medium
Description
If a user's files are group-owned by a group where the user is not a member, unintended users may be able to access them.
STIG Date
MAC OSX 10.6 Workstation Security Technical Implementation Guide Draft 2013-01-10

Details

Check Text ( C-37683r1_chk )
Open a terminal session and enter the following commands to view the group ownership of the user’s directories and files.

ls -l /Users (shows users directory)

ls -lL /Users/

If any directory or file is not group owned by the user or a know users group, this is a finding.
Fix Text (F-32922r1_fix)
chgrp