Check: PHTN-67-000100
VMware vSphere 6.7 Photon OS STIG:
PHTN-67-000100
(in versions v1 r6 through v1 r1)
Title
The Photon operating system must be configured so that all files have a valid owner and group owner. (Cat II impact)
Discussion
If files do not have valid user and group owners, unintended access to files could occur.
Check Content
At the command line, execute the following command: # find / -fstype ext4 -nouser -o -nogroup -exec ls -ld {} \; If any files are returned, this is a finding.
Fix Text
At the command line, execute the following command for each returned file: # chown root:root <file>
Additional Identifiers
Rule ID: SV-239171r675321_rule
Vulnerability ID: V-239171
Group Title: SRG-OS-000480-GPOS-00227
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
Number | Title |
---|---|
CM-6 |
Configuration Settings |