[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

System objects: Require case insensitivity for non-Windows subsystems

ID: oval:org.secpod.oval:def:40274Date: (C)2017-04-25   (M)2023-07-14
Class: COMPLIANCEFamily: windows




This policy setting determines whether case insensitivity is enforced for all subsystems. The Microsoft Win32 * subsystem is case insensitive. However, the kernel supports case sensitivity for other subsystems, such as the Portable Operating System Interface for UNIX (POSIX). Because Windows is case insensitive (but the POSIX subsystem will support case sensitivity), failure to enforce this policy setting makes it possible for a user of the POSIX subsystem to create a file with the same name as another file by using mixed case to label it. Such a situation can block access to these files by another user who uses typical Win32 tools, because only one of the files will be available. Vulnerability: Because Windows is case-insensitive but the POSIX subsystem will support case sensitivity, failure to enable this policy setting would make it possible for a user of that subsystem to create a file with the same name as another file but with a different mix of upper and lower case letters. Such a situation could potentially confuse users when they try to access such files from normal Win32 tools because only one of the files will be available. Counter Measure: Enable the System objects: Require case insensitivity for non-Windows subsystems setting. Potential Impact: All subsystems will be forced to observe case insensitivity. This configuration may confuse users who are familiar with any UNIX-based operating systems that are case-sensitive. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\System objects: Require case insensitivity for non-Windows subsystems (2) REG: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Kernel!ObCaseInsensitive

Platform:
Microsoft Windows Server 2016
Reference:
CCE-44520-5
CPE    1
cpe:/o:microsoft:windows_server_2016:::x64
CCE    1
CCE-44520-5
XCCDF    4
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_Server_2016
xccdf_org.secpod_benchmark_PCI_3_2_Windows_Server_2016
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_Server_2016
xccdf_org.secpod_benchmark_general_Windows_Server_2016
...

© SecPod Technologies