An error occurred:

Check: GEN004900

Solaris 10 X86 STIG: GEN004900 (in versions v2 r4 through v1 r17)

Title

The ftpusers file must contain account names not allowed to use FTP. (Cat II impact)

Discussion

The ftpusers file contains a list of accounts that are not allowed to use FTP to transfer files. If the file does not contain the names of all accounts not authorized to use FTP, then unauthorized use of FTP may take place.

Check Content

Check the contents of the ftpusers file. Procedure: # more /etc/ftpd/ftpusers If the system has accounts not allowed to use FTP that are not listed in the ftpusers file, this is a finding.

Fix Text

Add accounts not allowed to use FTP to the /etc/ftpd/ftpusers file.

Additional Identifiers

Rule ID: SV-227856r854507_rule

Vulnerability ID: V-227856

Group Title: SRG-OS-000312

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-002165

The information system enforces organization-defined discretionary access control policies over defined subjects and objects.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AC-3 (4)

Discretionary Access Control