UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The root account's home directory (other than /) must have mode 0700.


Overview

Finding ID Version Rule ID IA Controls Severity
V-775 GEN000920 SV-37355r3_rule Medium
Description
Permissions greater than 0700 could allow unauthorized users access to the root home directory.
STIG Date
Red Hat Enterprise Linux 5 Security Technical Implementation Guide 2017-03-01

Details

Check Text ( C-36044r3_chk )
Check the mode of the root home directory.

Procedure:
# find ~root -type d -prune -exec ls -ld {} \;

If the mode of the directory is not set to 0700 or less permissive, this is a finding.

If the home directory is /, this check will be marked "Not Applicable".
Fix Text (F-31288r2_fix)
The root home directory will be configured to have permission set of 0700 or less permissive. Do not change the protections of the / directory. Use the following command to change protections for the root home directory:
# chmod 0700 /rootdir.