Title

The sticky bit must be set on all public directories on AIX systems. (Cat II impact)

Discussion

Failing to set the sticky bit on public directories allows unauthorized users to delete files in the directory structure. The only authorized public directories are those temporary directories supplied with the system, or those designed to be temporary file repositories. The setting is normally reserved for directories used by the system, and by users for temporary file storage - such as /tmp - and for directories requiring global read/write access.

Check Content

Verify all world-writable directories have the sticky bit set by running the command: # find / -type d -perm -002 ! -perm -1000 > wwlist # cat wwlist If any directories are listed in the "wwlist" file, this is a finding.

Fix Text

Set the sticky bit on all public directories, such as: # chmod 1777 /tmp (Replace /tmp with the public directory missing the sticky bit, if necessary.)

Additional Identifiers

Rule ID: SV-215341r508663_rule

Vulnerability ID: V-215341

Group Title: SRG-OS-000480-GPOS-00227

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.