Check: GEN000850
AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE:
GEN000850
(in versions v1 r14 through v1 r10)
Title
The system must restrict the ability to switch to the root user to members of a defined group. (Cat III impact)
Discussion
Configuring a supplemental group for users permitted to switch to the root user prevents unauthorized users from accessing the root account, even with knowledge of the root credentials.
Check Content
Examine the sugroups of the root user. Generally only users in the adm group should have su to root capacity. Procedure: #lsuser -a sugroups root If this is blank or ALL, this is a finding.
Fix Text
Use the chsec command to only allow users in the adm group to su to root. #chsec -f /etc/security/user -s root -a sugroups=adm
Additional Identifiers
Rule ID: SV-38680r1_rule
Vulnerability ID: V-22308
Group Title: GEN000850
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000009 |
The organization manages information system accounts by identifying authorized users of the information system and specifying access privileges. |
Controls
Number | Title |
---|---|
No controls are assigned to this check |