Navigate

Check: GEN001500

HP-UX 11.31 STIG: GEN001500 (in versions v1 r19 through v1 r13)

Title

All interactive user home directories must be owned by their respective users. (Cat II impact)

Discussion

If users do not own their home directories, unauthorized users could access user files.

Check Content

Check the ownership of each user home directory listed in the /etc/passwd file. Procedure: # ls -lLd <user home directory> OR # ls -lLd `cat /etc/passwd | cut -f 6,6 -d ":"` | more If any user home directory is not owned by the assigned user, this is a finding.

Fix Text

Change the owner of a user's home directory to its assigned user. Procedure: # chown <user> <home directory>

Additional Identifiers

Rule ID: SV-38490r1_rule

Vulnerability ID: V-902

Group Title: GEN001500

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000225	Employ the principle of least privilege, allowing only authorized accesses for users (or processes acting on behalf of users) which are necessary to accomplish assigned organizational tasks.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
AC-6	Least Privilege