Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-204469 | RHEL-07-020640 | SV-204469r603830_rule | Medium |
Description |
---|
If a local interactive user does not own their home directory, unauthorized users could access or modify the user's files, and the users may not be able to access their own files. |
STIG | Date |
---|---|
Red Hat Enterprise Linux 7 Security Technical Implementation Guide | 2022-12-06 |
Check Text ( C-4593r622293_chk ) |
---|
Verify the assigned home directory of all local interactive users on the system exists. Check the home directory assignment for all local interactive users on the system with the following command: # ls -ld $(awk -F: '($3>=1000)&&($7 !~ /nologin/){print $6}' /etc/passwd) -rwxr-x--- 1 smithj users 18 Mar 5 17:06 /home/smithj If any home directories referenced in "/etc/passwd" are not owned by the interactive user, this is a finding. |
Fix Text (F-4593r88600_fix) |
---|
Change the owner of a local interactive user's home directories to that owner. To change the owner of a local interactive user's home directory, use the following command: Note: The example will be for the user smithj, who has a home directory of "/home/smithj". # chown smithj /home/smithj |