Group writable directories in PATH (UNIX)

Module: User Files

The check reports group-writable directories that are listed in user PATH variables. Use the check's name list to exclude or include users and user groups that are not already included or excluded by the Users to check option. Enable one, but not both, of the PATH (using su) or PATH (modifying startup script) options before executing this security check.

The following table lists the error message for the check.

Table: Error message for Group writable directories in PATH

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information


Category: System Error

UNIX (5459)

Title: Group writable directory in user path

Description:The named, group-writable directory is listed in the named user's PATH variable. This allows other members of the user group to create files that could "spoof" this user by placing a new file with the name of a common command like "ls" in the named directory. This can be a serious security problem. You should remove group write permissions from the named directory (chmod g-w filename) or remove the directory from the user's path.

Severity: green-0

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]