Title

AIX passwd.nntp file must have mode 0600 or less permissive. (Cat II impact)

Discussion

File permissions more permissive than 0600 for /etc/news/passwd.nntp may allow access to privileged information by system intruders or malicious users.

Check Content

If NNTP is not being used, this is Not Applicable. Check passwd.nntp file permissions using command: # find / -name passwd.nntp -exec ls -lL {} \; The above command may yield the following output: -rw------- 1 root system 19 Oct 16 10:46 /etc/news/passwd.nntp If a "passwd.nntp" file has a mode more permissive than "0600", this is a finding.

Fix Text

Change the mode of all the found passwd.nntp files that have mode more permissive than "0600" using command: # chmod 0600 <passwd.nntp_file>

Additional Identifiers

Rule ID: SV-215327r508663_rule

Vulnerability ID: V-215327

Group Title: SRG-OS-000480-GPOS-00227

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.