| System-wide shared library files, which are linked to executables during process load time or run time, are stored in the following directories by default:
Kernel modules, which can be added to the kernel during runtime, are stored in "/lib/modules". All files in these directories should not be group-writable or world-writable. To find shared libraries that are group-writable or world-writable, run the following command for each directory [DIR] which contains shared libraries:
$ find -L [DIR] -perm /022 -type f
If any of these files (excluding broken symlinks) are group-writable or world-writable, this is a finding.