Join the Reckless Community* indicates requiredEmail Address *First Name *Last Name *
Back to Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide
Severity: Medium
<VulnDiscussion>Files without a valid group owner may be unintentionally inherited if a group is assigned the same Group Identifier (GID) as the GID of the files without a valid group owner.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
Verify all local files and directories on AlmaLinux OS 9 have a valid group with the following command: $ df --local -P | awk {'if (NR!=1) print $6'} | xargs -I '{}' find '{}' -xdev -nogroup If any files on the system do not have an assigned group, this is a finding.
Either remove all files and directories from AlmaLinux OS 9 that do not have a valid group, or assign a valid group to all files and directories on the system with the "chgrp" command: $ chgrp <group> <file>