Details

Allowing overly broad PATH and CLASSPATH variables could allow an attacker to leverage pathing issues and load malicious binaries or

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/580

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.

References

• 800-53|CM-7(2)
• CSCv6|8.4

Source

• Tenable.com/audits