Details
Excessive permissions for the anonymous web user account are one of the most common faults contributing to the compromise of a web server. If this user is able to upload and execute files on the web server, the organization or owner of the server will no longer have control of the asset.
Solution
Assign the appropriate permissions to the applicable directories and files using the chmod command.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.
References
- 800-53|CM-6
- CAT|I
- CSCv6|3.1
- Rule-ID|SV-33027r2_rule
- STIG-ID|WG290_A22
- Vuln-ID|V-2258