Details
Allowing all users to view the top level of all networked user’s home folder may not be desirable since it may lead to the revelation of sensitive information.
Solution
Perform the following to implement the prescribed state: Run one of the following commands in Terminal: sudo chmod -R og-rwx /Users/<username> sudo chmod -R og-rw /Users/<username> Substitute user name in <username>. This command has to be run for each user account with a local home folder. Impact: If implemented, users will not be able to use the ‘Public’ folders in other users’ home folders. ‘Public’ folders with appropriate permissions would need to be set up in the /Shared folder.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.