Free DISA STIG and SRG Library | Vaulted

V-4091

System start-up files must only execute programs owned by a privileged UID or an application.

Finding ID: GEN001700
Rule ID: SV-27221r1_rule
Severity: Cat II
CCE: (None)
Group Title: GEN001700
CCI: CCI-000225
Target Key: (None)
Documentable: No
Discussion

System start-up files that execute programs owned by a user other than root (or another privileged user) or an application indicate the system may have been compromised.

Fix Text

Change the ownership of the file executed from system startup scripts to root, bin, sys, or other.

# chown root <executed file>

Check Content

Check the ownership of any files executed from system startup scripts. If any of these files are not owned by root, bin, sys, or other, this is a finding.
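
One way to carry out this check, as an added example that is not part of the STIG text: the script collects absolute paths referenced in the start-up scripts under a directory and reports every executable whose owner is not in the allowed list. The function names, the token-splitting heuristic and the directory you pass in are assumptions; the default owner list is the one named in the check above.

```shell
#!/bin/sh
# Added example: heuristic ownership audit for the GEN001700 check.
# Function names and the parsing heuristic are assumptions, not STIG text.

ALLOWED_OWNERS="root bin sys other"   # owners named in the Check Content

# Print the owner column of `ls -ld` for one file.
file_owner() {
    ls -ld -- "$1" | awk '{print $3}'
}

# List absolute paths of executable regular files referenced by the scripts
# under directory $1. Heuristic: text after '#' is dropped, lines are split on
# shell metacharacters, and commands resolved through PATH are not covered.
referenced_programs() {
    find "$1" -type f -exec cat {} + 2>/dev/null |
        sed 's/#.*//' |
        tr -s ' \t;|&()<>="`'"'" '[\n*]' |
        grep '^/' | sort -u |
        while IFS= read -r p; do
            if [ -f "$p" ] && [ -x "$p" ]; then printf '%s\n' "$p"; fi
        done
}

# audit_startup_owners DIR [ALLOWED]
# Prints "owner path" for each finding; returns 1 if there is any finding.
audit_startup_owners() {
    dir=$1
    allowed=${2:-$ALLOWED_OWNERS}
    findings=$(referenced_programs "$dir" | while IFS= read -r p; do
        owner=$(file_owner "$p")
        case " $allowed " in
            *" $owner "*) ;;                          # allowed owner
            *) printf '%s %s\n' "$owner" "$p" ;;      # finding
        esac
    done)
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}

# Stand-alone use: pass the start-up script directory as the first argument.
if [ $# -gt 0 ]; then
    audit_startup_owners "$@"
fi
```

Run it against the platform's start-up script directory; each output line is a candidate for the `chown` in the Fix Text, and programs invoked by bare name still need a manual review.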

Responsibility

System Administrator

IA Controls

DCSL-1