STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to VMware vRealize Automation 7.x vAMI Security Technical Implementation Guide

V-240935

CAT II (Medium)

The vAMI executable files and library must not be world-writeable.

Rule ID

SV-240935r879586_rule

STIG

VMware vRealize Automation 7.x vAMI Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-001499

Discussion

Application servers have the ability to specify that the hosted applications utilize shared libraries. The application server must have a capability to divide roles based upon duties wherein one project user (such as a developer) cannot modify the shared library code of another project user. The application server must also be able to specify that non-privileged users cannot modify any shared library code at all.

Check Content

At the command prompt, execute the following command:

find /opt/vmware/share/vami -perm -0002 -type f

If any files are listed, this is a finding.

Fix Text

At the command prompt, enter the following command:

chmod a-w </path/to/file>

Note: Replace </path/to/file> with the file(s) with world-write rights.