STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:

The AIX /etc/group file must be group-owned by security.

DISA Rule

SV-215275r508663_rule

Vulnerability Number

V-215275

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

AIX7-00-002084

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Change the group of the "/etc/group" file to "security":
# chgrp security /etc/group

Check Contents

Verify the "/etc/group" file is group-owned by "security" using command:
# ls -l /etc/group

The above command should yield the following output:
-rw-r--r-- 1 root security 387 Sep 06 11:40 /etc/group

If the file is not group-owned by "security", this is a finding.

Vulnerability Number

V-215275

Documentable

False

Rule Version

AIX7-00-002084

Severity Override Guidance

Verify the "/etc/group" file is group-owned by "security" using command:
# ls -l /etc/group

The above command should yield the following output:
-rw-r--r-- 1 root security 387 Sep 06 11:40 /etc/group

If the file is not group-owned by "security", this is a finding.

Check Content Reference

M

Target Key

4012

Comments