Ensure that Root's Path Does Not Include World or Group-Writable Directories


For each element in root’s path, run:

# ls -ld DIR

and ensure that write permissions are disabled for group and other.


Such entries increase the risk that root could execute code provided by unprivileged users, and potentially malicious code.