Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-910 | GEN001640 | SV-910r2_rule | ECCD-1 ECCD-2 | High |
Description |
---|
World-writable files could be modified accidentally or maliciously to compromise system integrity. |
STIG | Date |
---|---|
SOLARIS 9 SPARC SECURITY TECHNICAL IMPLEMENTATION GUIDE | 2015-10-01 |
Check Text ( C-402r9_chk ) |
---|
Check the permissions on the files or scripts executed from system startup scripts to see if they are world-writable. Create a list of all potential run command level scripts. # ls -l /etc/init.d/* | tr '\011' ' ' | tr -s ' ' | cut -f 9,9 -d " " OR # ls -l /sbin/init.d/* | tr '\011' ' ' | tr -s ' ' | cut -f 9,9 -d " " Create a list of world writeable files. # find / -perm -002 -type f >> worldWriteableFileList Determine if any of the world writeable files in worldWriteableFileList are called from the run command level scripts. Note: Depending upon the number of scripts vs world writeable files, it may be easier to inspect the scripts manually. # more `ls -l /etc/init.d/* | tr '\011' ' ' | tr -s ' ' | cut -f 9,9 -d " "` OR # more `ls -l /sbin/init.d/* | tr '\011' ' ' | tr -s ' ' | cut -f 9,9 -d " "` If any system startup script executes any file or script that is world-writable, this is a finding. |
Fix Text (F-1064r2_fix) |
---|
Remove the world-writable permission from programs or scripts executed by run control scripts. Procedure: # chmod o-w |