Introduction

Test Result

Result ID Profile Start time End time Benchmark Benchmark version
xccdf_org.open-scap_testresult_usgcb-rhel6-server_tailored usgcb-rhel6-server_tailored 2014-11-05 10:03 2014-11-05 10:03 embedded 0.9

Target info

Targets

  • localhost.localdomain

Addresses

  • 127.0.0.1
  • 192.168.122.242
  • 0:0:0:0:0:0:0:1
  • fe80:0:0:0:5054:ff:fea1:4462

Applicable platforms

  • cpe:/o:redhat:enterprise_linux:6

Score

system score max % bar
urn:xccdf:scoring:default 50.00 100.00 50.00%

Results overview

Rule Results Summary

pass fixed fail error not selected not checked not applicable informational unknown total
1 0 1 0 397 0 0 0 0 399
Title Result
Ensure All SGID Executables Are Authorized fail
Ensure All SUID Executables Are Authorized pass

Results details

Result for Ensure All SGID Executables Are Authorized

Result: fail

Rule ID: no_unpackaged_sgid_files

Time: 2014-11-05 10:03

Severity: low

The SGID (set group id) bit should be set only on files that were installed via authorized means. A straightforward means of identifying unauthorized SGID files is determine if any were not installed as part of an RPM package, which is cryptographically verified. Investigate the origin of any unpackaged SGID files.

Executable files with the SGID permission run with the privileges of the owner of the file. SGID files of uncertain provenance could allow for unprivileged users to elevate privileges. The presence of these files should be strictly controlled on the system.

Security identifiers

  • CCE-26769-0

setgid files outside system RPMs

pathtypeUIDGIDsizepermissions
/bin/cgclassifyregular049611984rwxr-sr-x 

Result for Ensure All SUID Executables Are Authorized

Result: pass

Rule ID: no_unpackaged_suid_files

Time: 2014-11-05 10:03

Severity: low

The SUID (set user id) bit should be set only on files that were installed via authorized means. A straightforward means of identifying unauthorized SGID files is determine if any were not installed as part of an RPM package, which is cryptographically verified. Investigate the origin of any unpackaged SUID files.

Executable files with the SUID permission run with the privileges of the owner of the file. SUID files of uncertain provenance could allow for unprivileged users to elevate privileges. The presence of these files should be strictly controlled on the system.

Security identifiers

  • CCE-26497-8