For Ensure No World-Writable Files Exist - (CCE-26910-0), with either the stig-rhel6-server or the usgcb-rhel6-server profiles selected from the SCAP stream, when run with SCC 3.1.1.1, may produce a false-negative when running SCC 3.1.1.1 on a RHEL6V1R2 non-compliant machine.

The non-compliant system contains world-writable files:

$ /usr/bin/sudo /usr/bin/stat -c '%a' /etc/audit/audit.rules
777

See the following report output:

Ensure No World-Writable Files Exist
ID: world_writeable_files
Result: Pass
Identities: CCE-26910-0
Description: It is generally a good idea to remove global (other) write access to a file when it is discovered. However, check with documentation for specific applications before making changes. Also, monitor for recurring world-writable files, as these may be symptoms of a misconfigured application or user account.
Fix Text:
Severity: medium
Weight:
Reference: AC-6

Definitions:
  ID: oval:ssg:def:446
  Result: true
  Title: Find Unauthorized World-Writable Files
  Description: The world-write permission should be disabled for all files.
  Class: compliance
  Tests:
    true (All item-state comparisons must be true.)
      true (world writable files)

Tests:
  Test ID: oval:ssg:tst:447
  Result: true
  Title: world writable files
  Check Existence: No collected items may exist.
  Check: Result is based on check existence only.
  State Operator: All item-state comparisons must be true.
  Object ID: oval:ssg:obj:1524
  Object Requirements:
    behavior requirements: recurse_direction = down
                           recurse = directories
                           recurse_file_system = local
    path must be equal to '/'
    filename must match the pattern '^.*$'
    filter must be equal to 'oval:ssg:ste:2230'

_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
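One way to cross-check a scanner "Pass" for this rule independently of the OVAL content, as an added example that is not part of the original message and not code from SSG or SCC. The function names and the sample tree are constructed here; it assumes only regular files matter and uses find's -xdev (stay on the starting filesystem) as a stand-in for the report's recurse_file_system = local.

```shell
#!/bin/sh
# Added example: independent check for world-writable files.
# Function names are hypothetical, not taken from SSG or SCC.

# List regular files under $1 that carry the other-write bit (o+w).
# -xdev keeps find on the filesystem $1 lives on (assumed stand-in for
# "recurse_file_system = local"); unreadable directories are skipped.
list_world_writable() {
    find "$1" -xdev -type f -perm -0002 -print 2>/dev/null || true
}

# Mirror the report's existence check, "No collected items may exist":
# print "pass" and return 0 only when nothing is collected; otherwise
# print "fail", list the offending paths on stderr and return 1.
check_world_writable() {
    items=$(list_world_writable "$1")
    if [ -z "$items" ]; then
        echo "pass"
        return 0
    fi
    echo "fail"
    printf '%s\n' "$items" >&2
    return 1
}

# Constructed sample tree reproducing the case from the message:
# an audit.rules file with mode 777 next to a correctly set file.
demo() {
    tmp=$(mktemp -d) || return 2
    mkdir -p "$tmp/etc/audit"
    : > "$tmp/etc/audit/audit.rules"
    chmod 777 "$tmp/etc/audit/audit.rules"
    : > "$tmp/etc/ok.conf"
    chmod 644 "$tmp/etc/ok.conf"
    result=$(check_world_writable "$tmp" 2>/dev/null) || true
    rm -rf "$tmp"
    echo "$result"
}

demo
```

On a real host, run check_world_writable once per local mount point as root and compare the outcome with the scanner's result for the rule.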
