Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
All network services daemon files must have mode 0755 or less permissive.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-786 | GEN001180 M6 | SV-37882r1_rule | ECLP-1 | Medium |
| Description |
|---|
| Restricting permission on daemons will protect them from unauthorized modification and possible system compromise. |
| STIG | Date |
|---|---|
| MAC OSX 10.6 Workstation Security Technical Implementation Guide Draft | 2013-01-10 |
Details
| Check Text ( C-37568r1_chk ) |
|---|
| Open a terminal session and enter the following command to check the mode of network services daemons (all on one line). find /usr/sbin -type f -perm +022 -exec stat -f %Lp:%N {} \; This will return the octal permissions and name of all files that are group or world-writable. If any network services daemon listed is world or group-writable (either or both of the 2 lowest order digits containing a 2, 3, 6, or 7), this is a finding. |
| Fix Text (F-32811r1_fix) |
|---|
| Open a terminal session and use the following command to change the mode of the network services daemon. chmod 755 |