← Back to SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide

V-902

CAT II (Medium)

All interactive user home directories must be owned by their respective users.

Rule ID

SV-45030r1_rule

STIG

SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide

Version

V1R12

CCIs

CCI-000225

Discussion

If users do not own their home directories, unauthorized users could access user files.

Check Content

Check the ownership of each user home directory listed in the /etc/passwd file.

Procedure:
# cut -d : -f 6 /etc/passwd | xargs -n1 ls -ld 

If any user home directory is not owned by the assigned user, this is a finding.

Fix Text

Change the owner of a user's home directory to its assigned user.

Procedure:
# chown <user> <home directory>