Check: GEN000000-HPUX0080
HP-UX 11.23 STIG:
GEN000000-HPUX0080
(in version v1 r8)
Title
The HP-UX /etc/securetty must be group-owned by root, sys, or bin. (Cat II impact)
Discussion
Root, sys, and bin are the most privileged group accounts, by default, for most UNIX systems. If a file as sensitive as /etc/securetty is not group-owned by a privileged group, it could lead to system compromise.
Check Content
ls -lL /etc/securetty
Fix Text
Change the group-owner of the /etc/securetty to root, bin, or sys. Example: # chgrp root /etc/securetty
Additional Identifiers
Rule ID: SV-965r2_rule
Vulnerability ID: V-965
Group Title: GEN000000-HPUX0080
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000225 |
The organization employs the concept of least privilege, allowing only authorized accesses for users (and processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions. |
CCI-000366 |
The organization implements the security configuration settings. |