Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The Red Hat Enterprise Linux operating system must be configured so that all local interactive user home directories have mode 0750 or less permissive.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-72017 | RHEL-07-020630 | SV-86641r3_rule | Medium |
| Description |
|---|
| Excessive permissions on local interactive user home directories may allow unauthorized access to user files by other users. |
| STIG | Date |
|---|---|
| Red Hat Enterprise Linux 7 Security Technical Implementation Guide | 2018-11-28 |
Details
| Check Text ( C-72249r2_chk ) |
|---|
| Verify the assigned home directory of all local interactive users has a mode of "0750" or less permissive. Check the home directory assignment for all non-privileged users on the system with the following command: Note: This may miss interactive users that have been assigned a privileged User Identifier (UID). Evidence of interactive use may be obtained from a number of log files containing system logon information. # ls -ld $(egrep ':[0-9]{4}' /etc/passwd | cut -d: -f6) -rwxr-x--- 1 smithj users 18 Mar 5 17:06 /home/smithj If home directories referenced in "/etc/passwd" do not have a mode of "0750" or less permissive, this is a finding. |
| Fix Text (F-78369r2_fix) |
|---|
| Change the mode of interactive user's home directories to "0750". To change the mode of a local interactive user's home directory, use the following command: Note: The example will be for the user "smithj". # chmod 0750 /home/smithj |