| System-wide shared library files, which are linked to executables during process load time or run time, are stored in the following directories by default:
Kernel modules, which can be added to the kernel during runtime, are stored in "/lib/modules". All files in these directories should not be group-writable or world-writable. To find shared libraries that are not owned by "root" and do not match what is expected by the RPM, run the following command:
for i in /lib /lib64 /usr/lib /usr/lib64
for j in `find -L $i \! -user root`
rpm -V -f $j | grep '^.....U'
If the command returns any results, this is a finding.