UCF STIG Viewer Logo

The root accounts home directory (other than /) must have mode 0700 or less permissive.


Overview

Finding ID Version Rule ID IA Controls Severity
V-775 GEN000920 SV-64359r2_rule Medium
Description
Permissions greater than 0700 could allow unauthorized users access to the root home directory.
STIG Date
Oracle Linux 5 Security Technical Implementation Guide 2020-02-25

Details

Check Text ( C-52761r2_chk )
Check the mode of the root home directory.

Procedure:
# find ~root -type d -prune -exec ls -ld {} \;

If the home directory is /, this check will be marked "Not Applicable".

If the mode of the directory is not set to 0700 or less permissive, this is a finding.
Fix Text (F-54941r2_fix)
The root home directory will be configured to have permission set of 0700 or less permissive. Do not change the protections of the / directory. Use the following command to change protections for the root home directory:

# chmod 0700 /rootdir.