Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
All local interactive user home directories must be owned by their respective users.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-72019 | RHEL-07-020640 | SV-86643r3_rule | Medium |
| Description |
|---|
| If a local interactive user does not own their home directory, unauthorized users could access or modify the user's files, and the users may not be able to access their own files. |
| STIG | Date |
|---|---|
| Red Hat Enterprise Linux 7 Security Technical Implementation Guide | 2017-07-08 |
Details
| Check Text ( C-72251r4_chk ) |
|---|
| Verify the assigned home directory of all local interactive users on the system exists. Check the home directory assignment for all local interactive non-privileged users on the system with the following command: Note: This may miss interactive users that have been assigned a privileged UID. Evidence of interactive use may be obtained from a number of log files containing system logon information. # ls -ld $(egrep ':[0-9]{4}' /etc/passwd | cut -d: -f6) -rwxr-x--- 1 smithj users 18 Mar 5 17:06 /home/smithj If any home directories referenced in "/etc/passwd" are returned as not defined, this is a finding. |
| Fix Text (F-78371r1_fix) |
|---|
| Change the owner of a local interactive user’s home directories to that owner. To change the owner of a local interactive user’s home directory, use the following command: Note: The example will be for the user smithj, who has a home directory of "/home/smithj". # chown smithj /home/smithj |