UCF STIG Viewer Logo

The Photon operating system must ensure root $PATH entries are appropriate.


Overview

Finding ID Version Rule ID IA Controls Severity
V-239150 PHTN-67-000079 SV-239150r675258_rule Medium
Description
The $PATH variable contains a semicolon-delimited set of directories that allows root to not specify the full path for a limited set of binaries. Having unexpected directories in $PATH can lead to root running a binary other than the one intended.
STIG Date
VMware vSphere 6.7 Photon OS Security Technical Implementation Guide 2022-06-17

Details

Check Text ( C-42361r675256_chk )
At the command line, execute the following command:

# echo $PATH

Expected result:

/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/java/jre-vmware/bin:/opt/vmware/bin

If the output does not match the expected result, this is a finding.
Fix Text (F-42320r675257_fix)
At the command line, execute the following command:

# export PATH=/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/java/jre-vmware/bin:/opt/vmware/bin