Check: GEN001220
HP-UX 11.23 STIG:
GEN001220
(in version v1 r8)
Title
All system files, programs, and directories must be owned by a system account. (Cat II impact)
Discussion
Restricting permissions will protect the files from unauthorized modification.
Check Content
Check the ownership of system files, programs, and directories. Procedure: # ls -lLa /etc /bin /usr/bin /usr/lbin /usr/usb /sbin /usr/sbin If any of the system files, programs, or directories are not owned by a system account, this is a finding.
Fix Text
Change the owner of system files, programs, and directories to a system account. Procedure: # chown root <path>/<system file> (A different system user may be used in place of root.)
Additional Identifiers
Rule ID: SV-38466r1_rule
Vulnerability ID: V-795
Group Title: GEN001220
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001499 |
The organization limits privileges to change software resident within software libraries. |
Controls
Number | Title |
---|---|
CM-5 (6) |
Limit Library Privileges |