Check: AIX7-00-003030
IBM AIX 7.x STIG:
AIX7-00-003030
(in versions v3 r1 through v1 r1)
Title
AIX system must restrict the ability to switch to the root user to members of a defined group. (Cat II impact)
Discussion
Configuring a supplemental group for users permitted to switch to the root user prevents unauthorized users from accessing the root account, even with knowledge of the root credentials.
Check Content
Examine the "sugroups" of the root user. Generally only users in the adm group should have su to root capacity. Run the following command: # lsuser -a sugroups root root sugroups=system,staff,security If "sugroups" is blank or "ALL", this is a finding.
Fix Text
Use the "chsec" command to only allow users in the adm group to su to root: # chsec -f /etc/security/user -s root -a sugroups=adm
Additional Identifiers
Rule ID: SV-215338r991589_rule
Vulnerability ID: V-215338
Group Title: SRG-OS-000480-GPOS-00227
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
Implement the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |