Check: AIX7-00-003013
IBM AIX 7.x STIG:
AIX7-00-003013
(in versions v3 r1 through v1 r1)
Title
AIX passwd.nntp file must have mode 0600 or less permissive. (Cat II impact)
Discussion
File permissions more permissive than 0600 for /etc/news/passwd.nntp may allow access to privileged information by system intruders or malicious users.
Check Content
If NNTP is not being used, this is Not Applicable. Check passwd.nntp file permissions using command: # find / -name passwd.nntp -exec ls -lL {} \; The above command may yield the following output: -rw------- 1 root system 19 Oct 16 10:46 /etc/news/passwd.nntp If a "passwd.nntp" file has a mode more permissive than "0600", this is a finding.
Fix Text
Change the mode of all the found passwd.nntp files that have mode more permissive than "0600" using command: # chmod 0600 <passwd.nntp_file>
Additional Identifiers
Rule ID: SV-215327r991589_rule
Vulnerability ID: V-215327
Group Title: SRG-OS-000480-GPOS-00227
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
Implement the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |