The Red Hat Enterprise Linux operating system must be configured so that all files and directories have a valid owner.

From Red Hat Enterprise Linux 7 Security Technical Implementation Guide

Part of SRG-OS-000480-GPOS-00227

Associated with: CCI-002165

SV-86631r3_rule The Red Hat Enterprise Linux operating system must be configured so that all files and directories have a valid owner.

Vulnerability discussion

Unowned files and directories may be unintentionally inherited if a user is assigned the same User Identifier "UID" as the UID of the un-owned files.

Check content

Verify all files and directories on the system have a valid owner. Check the owner of all files and directories with the following command: Note: The value after -fstype must be replaced with the filesystem type. XFS is used as an example. # find / -fstype xfs -nouser If any files on the system do not have an assigned owner, this is a finding.

Fix text

Either remove all files and directories from the system that do not have a valid user, or assign a valid user to all unowned files and directories on the system with the "chown" command: # chown

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer