Check: AIX7-00-002092
IBM AIX 7.x STIG:
AIX7-00-002092
(in versions v3 r1 through v2 r3)
Title
The inetd.conf file on AIX must be group owned by the "system" group. (Cat II impact)
Discussion
Failure to give ownership of sensitive files or utilities to system groups may provide unauthorized users with the potential to access sensitive information or change the system configuration which could weaken the system's security posture.
Check Content
Check the group ownership of "/etc/inetd.conf": # ls -al /etc/inetd.conf The above command should yield the following output: -rw-r----- root system /etc/inetd.conf If the file is not group owned by system, this is a finding.
Fix Text
Change the group ownership of "/etc/inetd.conf": # chgrp system /etc/inetd.conf
Additional Identifiers
Rule ID: SV-245564r991589_rule
Vulnerability ID: V-245564
Group Title: SRG-OS-000480-GPOS-00227
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
Implement the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |