An error occurred:

Check: AIX7-00-002084

IBM AIX 7.x STIG: AIX7-00-002084 (in versions v2 r9 through v1 r1)

Title

The AIX /etc/group file must be group-owned by security. (Cat II impact)

Discussion

The "/etc/group" file contains information regarding groups that are configured on the system. Protection of this file is important for system security.

Check Content

Verify the "/etc/group" file is group-owned by "security" using command: # ls -l /etc/group The above command should yield the following output: -rw-r--r-- 1 root security 387 Sep 06 11:40 /etc/group If the file is not group-owned by "security", this is a finding.

Fix Text

Change the group of the "/etc/group" file to "security": # chgrp security /etc/group

Additional Identifiers

Rule ID: SV-215275r508663_rule

Vulnerability ID: V-215275

Group Title: SRG-OS-000480-GPOS-00227

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000366

The organization implements the security configuration settings.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
CM-6

Configuration Settings