V-915

Discussion

Excessive permissions allow unauthorized access to user files.

Check Content

For each user in the /etc/passwd file, check for files and directories with a mode more permissive than 0750.

Procedure:
# find /<usershomedirectory> ! -fstype nfs ! \( -name .bashrc -o -name .bash_login -o -name .bash_logout -o -name .bash_profile -o -name .cshrc -o -name .kshrc -o -name .login -o -name .logout -o -name .profile -o -name .tcshrc -o -name .env -o -name .dtprofile -o -name .dispatch -o -name .emacs -o -name .exrc \) \( -perm -0001 -o -perm -0002 -o -perm -0004 -o -perm -0020 -o -perm -2000 -o -perm -4000 \) -exec ls -ld {} \;

If user home directories contain files or directories more permissive than 0750, this is a finding.