Check: AIX7-00-001000
IBM AIX 7.x STIG:
AIX7-00-001000
(in versions v2 r9 through v1 r1)
Title
AIX /etc/security/mkuser.sys.custom file must not exist unless it is needed for customizing a new user account. (Cat II impact)
Discussion
The "/etc/security/mkuser.sys.custom" is called by "/etc/security/mkuser.sys" to customize the new user account when a new user is created, or a user is logging into the system without a home directory. An improper "/etc/security/mkuser.sys.custom" script increases the risk that non-privileged users may obtain elevated privileges. It must not exist unless it is needed.
Check Content
Check if the "/etc/security/mkuser.sys.custom" file exists: # ls /etc/security/mkuser.sys.custom If the above command shows the file exists, this is a finding.
Fix Text
Remove the "/etc/security/mkuser.sys.custom" file using the following command: # rm /etc/security/mkuser.sys.custom
Additional Identifiers
Rule ID: SV-215169r508663_rule
Vulnerability ID: V-215169
Group Title: SRG-OS-000001-GPOS-00001
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-000015 |
The organization employs automated mechanisms to support the information system account management functions. |
Controls
| Number | Title |
|---|---|
| AC-2 (1) |
Automated System Account Management |