Free DISA STIG and SRG Library | Vaulted

V-11983

All global initialization files must be group-owned by sys, bin, system, or security.

Finding ID
GEN001760
Rule ID
SV-38892r1_rule
Severity
Cat II
CCE
(None)
Group Title
GEN001760
CCI
CCI-000225
Target Key
(None)
Documentable
No
Discussion

Global initialization files are used to configure the user's shell environment upon login. Malicious modification of these files could compromise accounts upon logon. Failure to give ownership of sensitive files or utilities to root or bin provides the designated owner and unauthorized users with the potential to access sensitive information or change the system configuration which could weaken the system's security posture.

Fix Text

Change the group ownership of the global initialization file(s) with incorrect group ownership. Procedure: # chgrp system &lt;<global initialization file>

Check Content

Check the group ownership of global initialization files. Procedure: # ls -lL /etc/.login /etc/profile /etc/bashrc /etc/environment /etc/security/environ /etc/security/.profile /etc/csh.login /etc/csh.cshrc If any global initialization file is not group-owned by sys, bin, system, or security, this is a finding.

Responsibility

System Administrator

IA Controls

ECLP-1