All system files, programs, and directories must be owned by a system account.
An XCCDF Rule
Description
<VulnDiscussion>Restricting permissions will protect the files from unauthorized modification.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-215183r508663_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Change the owner of public directories to "root" or an application account using the following command:
# chown root </public/directory>
Note: Replace "root" with an application user as necessary.