From SOLARIS 10 X86 SECURITY TECHNICAL IMPLEMENTATION GUIDE
Part of GEN001550
Associated with IA controls: ECLP-1
Associated with: CCI-000225
If a user's files are group-owned by a group of which the user is not a member, unintended users may be able to access them.
Check the contents of user home directories for files group-owned by a group of which the home directory's owner is not a member. 1. List the user accounts. # cut -d : -f 1/etc/passwd 2. For each user account, get a list of GIDs for files in the user's home directory. # find < users home directory > -exec ls -lLd \; 3. Obtain the list of GIDs associated with the user's account. # id < user name > 4. Check the GID lists. If there are GIDs in the file list not present in the user list, this is a finding.
Change the group of a file not group-owned by a group where the home directory's owner is a member.
# chgrp < user's primary group >
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer