STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 4 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Nutanix Acropolis GPOS Security Technical Implementation Guide

V-279585

CAT II (Medium)

Nutanix OS must limit the ability of nonprivileged users to grant other users direct access to the contents of their home directories/folders.

Rule ID

SV-279585r1192452_rule

STIG

Nutanix Acropolis GPOS Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-002165

Discussion

Users' home directories/folders may contain information of a sensitive nature. Nonprivileged users should coordinate any sharing of information with a system administrator (SA) through shared resources.

Check Content

Verify Nutanix OS has assigned home directory of all local interactive users has a mode of "0750" or less permissive using the following command.

$ ls -ld $(awk -F: '($3>=1000)&&($7 !~ /nologin/){print $6}' /etc/passwd)
drwxr-x---.  3 admin   admin   4096 Nov  6  2020 /home/admin
drwxr-x---. 26 nutanix nutanix 4096 Aug 17 08:02 /home/nutanix

If home directories referenced in "/etc/passwd" do not have a mode of "0750" or less, this is a finding.

Fix Text

For AOS, Prism Central, and Files, configure any interactive users home directory to have a mode of 0750 or less using the following command.

$ sudo chmod 0750 [path to interactive user's home directory]

For AHV, this setting is a default setting set by the vendor and is not supported to be changed in the field. If any interactive user accounts exist then something has been modified and the hypervisor OS VM must be rebuilt from source.