UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Local initialization files must be group-owned by the user's primary group or root.


Overview

Finding ID Version Rule ID IA Controls Severity
V-22361 GEN001870 SV-26481r1_rule ECLP-1 Medium
Description
Local initialization files are used to configure the user's shell environment upon login. Malicious modification of these files could compromise accounts upon logon.
STIG Date
VMware ESX 3 Server 2016-05-13

Details

Check Text ( C-27543r1_chk )
Check user home directories for local initialization files group-owned by a group other than the user's primary group or root.

1. List user accounts and their primary GID.
# cut -d : -f 1,4 /etc/passwd

2. Check local initialization files for each user.
# ls -alL ~USER/.login ~USER/.cshrc ~USER/.logout ~USER/.profile ~USER/.bash_profile ~USER/.bashrc ~USER/.bash_logout ~USER/.env ~USER/.dtprofile ~USER/.dispatch ~USER/.emacs ~USER/.exrc

3. If any file is not group-owned by root or the user's primary GID, this is a finding.
Fix Text (F-23709r1_fix)
Change the group owner of the local initialization file to the user's primary group, or root.
# chgrp [USER's primary GID] ~USER/[local initialization file]