VCPF-67-000016 – Performance Charts directory tree must have permissions in an ‘out-of-the box’ state – out-of-the box state.

Details

Accounts on a web server are to be kept to a minimum. Only administrators, web managers, developers, auditors, and web authors require accounts on the machine hosting the web server. The resources to which these accounts have access must also be closely monitored and controlled. Performance Charts files must be adequately protected with correct permissions as applied ‘out of the box’.

Satisfies: SRG-APP-000211-WSR-000030, SRG-APP-000380-WSR-000072

Solution

At the command prompt, execute the following command:

# chown perfcharts:cis

Repeat the command for each file that was returned.

Note: Replace for the name of the file that was returned.

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMW_vSphere_6-7_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management, System and Communications Protection.This control applies to the following type of system Unix.

References

800-53|CM-5(1)
800-53|SC-2
CAT|II
CCI|CCI-001082
CCI|CCI-001813
Rule-ID|SV-239417r674974_rule
STIG-ID|VCPF-67-000016
Vuln-ID|V-239417

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles