UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

User start-up files must not execute world-writable programs.


Overview

Finding ID Version Rule ID IA Controls Severity
V-4087 GEN001940 SV-39812r1_rule DCSW-1 Medium
Description
If start-up files execute world-writable programs, especially in unprotected directories, they could be maliciously modified to become Trojans destroying user files or otherwise compromising the system at the user, or higher, level. If the system is compromised at the user level, it is much easier to eventually compromise the system at the root and network level.
STIG Date
Solaris 10 SPARC Security Technical Implementation Guide 2020-02-26

Details

Check Text ( C-38682r1_chk )
Check local initialization files for any executed world-writable programs or scripts.

Procedure:
# find / -perm -002 -type f | egrep -v '^(/proc|/system/contract)' > wwlist
# fgrep -f wwlist //.*

If any local initialization file executes a world-writable program or script, this is a finding.
Fix Text (F-4020r2_fix)
Remove the world-writable permission of files referenced by local initialization scripts, or remove the references to these files in the local initialization scripts.