An error occurred:

Check: ESX0920

VMware ESX 3 Server: ESX0920 (in version v1 r2)

Title

Master templates are not restricted to authorized users only. (Cat II impact)

Discussion

Restricting access to master templates to authorized users helps ensure they are not compromised or modified. If these master templates were compromised, all future guest installations could be corrupt or contain malicious code. Master templates will be restricted to only users that are administering and/or creating guest virtual machines.

Check Content

On the ESX Server service console perform the following command to determine if the /Master, /Utilities, or /vmimages file partitions are accessible to unauthorized users. # ls -la /vmimages (Or name of master template directory) Permissions for .vmdk files should be 600 or rw-------. If they are not 600 or more restrictive, this is a finding.

Fix Text

Restrict master templates to authorized users only.

Additional Identifiers

Rule ID: SV-16829r1_rule

Vulnerability ID: V-15888

Group Title: Master templates are not restricted

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
No CCIs are assigned to this check

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
No controls are assigned to this check