Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-900 | GEN001460 | SV-64579r1_rule | ECSC-1 | Low |
Description |
---|
If a user has a home directory defined that does not exist, the user may be given the / directory, by default, as the current working directory upon logon. This could create a Denial of Service because the user would not be able to perform useful tasks in this location. |
STIG | Date |
---|---|
Oracle Linux 5 Security Technical Implementation Guide | 2015-03-26 |
Check Text ( C-52993r1_chk ) |
---|
Use pwck to verify assigned home directories exist. # pwck If any user's assigned home directory does not exist, this is a finding. |
Fix Text (F-55175r1_fix) |
---|
If a user has no home directory, determine why. If possible, delete accounts without a home directory. If the account is valid, then create the home directory using the appropriate system administration utility or manually. For instance: mkdir directoryname; copy the skeleton files into the directory; chown accountname for the new directory and the skeleton files. Document all changes. |