{"description": "Permissions for many files on a system must be set\nrestrictively to ensure sensitive information is properly protected.\nThis section discusses important\npermission restrictions which can be verified\nto ensure that no harmful discrepancies have\narisen.", "warnings": [], "requires": [], "conflicts": [], "values": {}, "groups": ["permissions_important_account_files", "permissions_var_log_dir", "permissions_within_important_dirs", "rootfiles"], "rules": ["dir_perms_world_writable_root_owned", "dir_perms_world_writable_sticky_bits", "dir_perms_world_writable_system_owned", "dir_perms_world_writable_system_owned_group", "dir_system_commands_group_root_owned", "dir_system_commands_root_owned", "file_groupowner_etc_crypttab", "file_groupowner_etc_sysconfig_sshd", "file_groupowner_systemmap", "file_owner_etc_crypttab", "file_owner_etc_sysconfig_sshd", "file_owner_systemmap", "file_permissions_etc_crypttab", "file_permissions_etc_sysconfig_sshd", "file_permissions_systemmap", "file_permissions_unauthorized_sgid", "file_permissions_unauthorized_suid", "file_permissions_unauthorized_world_writable", "file_permissions_ungroupowned", "file_permissions_var_log_stig", "no_files_or_dirs_ungroupowned", "no_files_or_dirs_unowned_by_user", "no_files_unowned_by_user", "permissions_local_var_log", "sysctl_fs_protected_fifos", "sysctl_fs_protected_hardlinks", "sysctl_fs_protected_regular", "sysctl_fs_protected_symlinks"], "platform": "", "platforms": [], "inherited_platforms": [], "cpe_platform_names": [], "title": "Verify Permissions on Important Files and\nDirectories", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/permissions/files/group.yml"}