All interactive programs must be placed in a designated directory with appropriate permissions.

An XCCDF Rule

Description

Directory options directives are directives that can be applied to further restrict access to file and directories. The Options directive controls which server features are available in a particular directory. The ExecCGI option controls the execution of CGI scripts using mod_cgi. This needs to be restricted to only the directory intended for script execution.

Property	Value
Responsibility	Web Administrator

ID: SV-32763r2_rule
Version: WA000-WWA050 A22
Severity: Medium
Updated: 17 days ago

Remediation Templates

Locate any cgi-bin files and directories enabled in the Apache configuration via Script, ScriptAlias or other Script* directives.

Remove the printenv default CGI in cgi-bin directory if it is installed. 

rm $APACHE_PREFIX/cgi-bin/printenv. 
Remove the test-cgi file from the cgi-bin directory if it is installed. 

rm $APACHE_PREFIX/cgi-bin/test-cgi. 

Review and remove any other cgi-bin files which are not needed for business purposes.

All interactive programs must be placed in a designated directory with appropriate permissions.

Description

Remediation Templates

A Manual Procedure