← Back to Red Hat Enterprise Linux 7 Security Technical Implementation Guide

V-204469

CAT II (Medium)

The Red Hat Enterprise Linux operating system must be configured so that all local interactive user home directories are owned by their respective users.

Rule ID

SV-204469r991589_rule

STIG

Red Hat Enterprise Linux 7 Security Technical Implementation Guide

Version

V3R15

CCIs

CCI-000366

Discussion

If a local interactive user does not own their home directory, unauthorized users could access or modify the user's files, and the users may not be able to access their own files.

Check Content

Verify the assigned home directory of all local interactive users on the system exists.

Check the home directory assignment for all local interactive users on the system with the following command:

# ls -ld $(awk -F: '($3>=1000)&&($7 !~ /nologin/){print $6}' /etc/passwd)

-rwxr-x--- 1 smithj users 18 Mar 5 17:06 /home/smithj

If any home directories referenced in "/etc/passwd" are not owned by the interactive user, this is a finding.

Fix Text

Change the owner of a local interactive user's home directories to that owner. To change the owner of a local interactive user's home directory, use the following command:

Note: The example will be for the user smithj, who has a home directory of "/home/smithj".

# chown smithj /home/smithj