Ensure that Root's Path Does Not Include World or Group-Writable Directories

Classification:

compliance

Framework:

Control:

Description

For each element in root’s path, run:

# ls -ld *DIR*

and ensure that write permissions are disabled for group and other.

Such entries increase the risk that root could execute code provided by unprivileged users, and potentially malicious code.