Check: AIX7-00-002077
IBM AIX 7.x STIG:
AIX7-00-002077
(in versions v2 r9 through v2 r3)
Title
The inetd.conf file on AIX must be owned by root. (Cat II impact)
Discussion
Failure to give ownership of sensitive files or utilities to system groups may provide unauthorized users with the potential to access sensitive information or change the system configuration which could weaken the system's security posture.
Check Content
Check the ownership of "/etc/inetd.conf": # ls -al /etc/inetd.conf The above command should yield the following output: -rw-r----- root system 993 Mar 11 07:04 /etc/inetd.conf If the file is not owned by root, this is a finding.
Fix Text
Change the ownership of "/etc/inetd.conf": # chown root /etc/inetd.conf
Additional Identifiers
Rule ID: SV-215269r755154_rule
Vulnerability ID: V-215269
Group Title: SRG-OS-000480-GPOS-00227
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |