UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Permissions on the virtual disk files are incorrect.


Overview

Finding ID Version Rule ID IA Controls Severity
V-16881 ESX0055 SV-17881r1_rule ECSC-1 Medium
Description
Permissions for the virtual machine files will adhere to VMware’s best practices. The configuration file (.vmx), will be read, write, execute (rwx) for owner and read and execute (r-x) for group and read (r--) for others (754). The virtual machine’s virtual disk (.vmdk) will be read and write (rw-) for owner (600).
STIG Date
VMware ESX 3 Server 2016-05-13

Details

Check Text ( C-17470r1_chk )
On the ESX Server host, perform the following commands on the service console:

# find /vmfs or nfs –type f –name ‘*.vmdk’ –exec ls –Al {} \; | grep –v -- “rw--------“

Any result from this command is a finding. If no result is returned, this is not a finding.
Permissions for all .vmdk files should be 600 or rw-------. If they are not, this is a finding.
Fix Text (F-16730r1_fix)
Configure .vmdk files to 600.