The permissions on the Tanium Client directory must be restricted to only the SYSTEM account on all managed clients.
An XCCDF Rule
Description
<VulnDiscussion>By restricting access to the Tanium Client directory on managed clients, the Tanium client's ability to operate and function as designed will be protected from malicious attack and unintentional modifications by end users.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-93295r1_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Using a web browser on a system that has connectivity to Tanium, access the Tanium web UI and log on with CAC.
From the Dashboard, under "Client Service Hardening", click on "Set Client Directory Permissions".
The results will show a "Count" of clients' compliant and non-compliant hardening for the "Tanium Client Directory Permissions".