Details
Setting the sticky bit on world writable directories prevents users from deleting or
renaming files in that directory that are not owned by them.
*Rationale*
This feature prevents the ability to delete or rename files in world writable directories
(such as /tmp) that are owned by another user.
Solution
# df –local -P | awk {‘if (NR!=1) print $6’} | xargs -I ‘{}’ find ‘{}’ -xdev -type d
-perm -0002 2>/dev/null | xargs chmod a+t
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.