Profile Applicability:
Level 1
Description:
The PATH environment variable for the root user defines the directories that the shell searches for executable files. If the PATH contains insecure directories, such as the current directory (.) or directories that users other than root can write to, root can end up executing malicious programs with root privileges.
Rationale:
Ensuring the root user's PATH environment variable is secure prevents attackers from exploiting insecure path entries to gain unauthorized root access or execute malicious commands.
Impact:
Pros:
Prevents execution of unauthorized or malicious programs by root.
Enhances system security and reduces privilege escalation risks.
Cons:
Misconfiguration could restrict legitimate command execution if required paths are missing.
Default Value:
By default, the root user's PATH may include insecure directories if not properly configured.
Pre-requisites:
Root or sudo privileges to audit and modify environment configuration files.
Remediation:
Test Plan:
Using Linux command line:
Check the root user's PATH value:
echo "$PATH"    # run as root
Verify that the PATH does not include:
Current directory (.)
Directories writable by others or not owned by root
Check configuration files such as /root/.bash_profile, /root/.bashrc, /etc/profile, and /etc/environment for PATH settings.
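Added example (not part of the benchmark text): a POSIX shell function that automates the checks above for any PATH string. The name audit_path and its messages are assumptions of this example. It goes beyond the list above by also flagging empty entries (a leading, trailing or doubled colon, which the shell searches as the current directory), other relative entries, and entries that are not existing directories.

```shell
#!/bin/sh
# Added example (not from the benchmark): audit a PATH string for the
# entries the Test Plan flags. audit_path is a hypothetical helper name.
#
# audit_path PATH_STRING [OWNER_UID]
#   Prints one finding per line; returns 0 if clean, 1 otherwise.
audit_path() {
    rest="$1:"        # trailing ':' makes a final empty entry visible
    owner="${2:-0}"   # UID that must own every directory (0 = root)
    rc=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}   # text before the first ':'
        rest=${rest#*:}     # remainder after it
        case "$entry" in
            "") echo "empty entry: searched as the current directory"
                rc=1; continue ;;
            /*) ;;          # absolute path: inspect it below
            *)  echo "$entry: relative entry, resolved against the current directory"
                rc=1; continue ;;
        esac
        if [ ! -d "$entry" ]; then
            echo "$entry: not an existing directory"
            rc=1; continue
        fi
        # -L follows symlinks (e.g. /bin -> usr/bin); -prune stops descent,
        # so find prints the directory itself only when the test matches.
        if [ -n "$(find -L "$entry" -prune ! -user "$owner")" ]; then
            echo "$entry: not owned by UID $owner"; rc=1
        fi
        if [ -n "$(find -L "$entry" -prune \( -perm -0020 -o -perm -0002 \))" ]; then
            echo "$entry: writable by group or others"; rc=1
        fi
    done
    return "$rc"
}

# Run as root to audit the live PATH; other users only load the function.
[ "$(id -u)" -ne 0 ] || audit_path "$PATH" || echo "root PATH needs remediation"
```

Run it from a root login shell so that $PATH reflects what the initialization files actually set.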
Implementation Plan:
Using Linux command line:
Edit root user's shell initialization files (/root/.bash_profile, /root/.bashrc) to set a secure PATH. For example:
export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
Remove any insecure directories from PATH.
Verify ownership and permissions of directories in the PATH.
Reload the environment or log out and back in.
Backout Plan:
Using Linux command line:
Restore previous PATH settings from backups if needed.
Communicate changes to system administrators.
References:
CIS Amazon Linux 2 Benchmark v3.0.0