All TOSS local interactive user home directories must be owned by root.


Overview

Finding ID: V-252970
Version: TOSS-04-020310
Rule ID: SV-252970r824234_rule
IA Controls: (none listed)
Severity: Medium
Description
Users' home directories/folders may contain information of a sensitive nature. Non-privileged users should coordinate any sharing of information with an SA through shared resources.
STIG: Tri-Lab Operating System Stack (TOSS) 4 Security Technical Implementation Guide
Date: 2022-08-29

Details

Check Text ( C-56423r824232_chk )
Check that all user home directories are owned by the root user with the following command:

$ find $(awk -F: '($3>=1000)&&($7 !~ /nologin/){print $6}' /etc/passwd) -maxdepth 0 -not -user root -ls

If there is any output, this is a finding.
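
An added example, not part of the STIG text: the check command passes every home directory to find as one unquoted argument list, so a path containing a space is split into two arguments and an empty list makes find examine the current directory instead. The function below applies the same account selection one directory at a time; the names list_nonroot_homes and demo, and the sample accounts other than smithj, are assumptions constructed for illustration.

```shell
# Added example (not STIG text): audit home-directory ownership one path at a time.
# list_nonroot_homes PASSWD_FILE [EXPECTED_UID]
#   Prints each interactive account's home directory whose owner UID differs
#   from EXPECTED_UID (default 0, i.e. root). Any printed line is a finding.
list_nonroot_homes() {
    local passwd_file="$1" expected_uid="${2:-0}" user home
    # Same selection as the check text: UID >= 1000 and a shell that is not nologin.
    awk -F: '($3 >= 1000) && ($7 !~ /nologin/) {print $1 ":" $6}' "$passwd_file" |
    while IFS=: read -r user home; do
        # An empty home field would make find fall back to ".", so skip it.
        if [ -z "$home" ]; then
            echo "skip: $user has no home directory field" >&2
            continue
        fi
        # A missing directory is reported separately, not as an owner mismatch.
        if [ ! -d "$home" ]; then
            echo "skip: $home ($user) does not exist" >&2
            continue
        fi
        # Quoting keeps paths with spaces intact; -maxdepth 0 tests only the
        # directory itself, never its contents.
        find "$home" -maxdepth 0 ! -uid "$expected_uid" -print
    done
}

# Constructed sample data: a passwd-format file pointing at scratch directories.
demo() {
    local tmp
    tmp=$(mktemp -d)
    mkdir -p "$tmp/home/smithj" "$tmp/home/jane doe" "$tmp/var/svc"
    cat > "$tmp/passwd" <<EOF
root:x:0:0:root:/root:/bin/bash
smithj:x:1000:1000::$tmp/home/smithj:/bin/bash
jdoe:x:1001:1001::$tmp/home/jane doe:/bin/bash
svc:x:1002:1002::$tmp/var/svc:/sbin/nologin
gone:x:1003:1003::$tmp/home/gone:/bin/bash
EOF
    # Expect smithj and "jane doe" to be listed unless this runs as root.
    list_nonroot_homes "$tmp/passwd" 0
    rm -rf "$tmp"
}

demo
```

On a live system, run it as `list_nonroot_homes /etc/passwd`; as with the check command, any line printed on standard output is a finding.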
Fix Text (F-56373r824233_fix)
Change the owner of interactive users' home directories to root.

To change the owner of a local interactive user's home directory, use the following command:

Note: The example uses the user "smithj".

$ sudo chown root /home/smithj