STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:

AIX passwd.nntp file must have mode 0600 or less permissive.

DISA Rule

SV-215327r508663_rule

Vulnerability Number

V-215327

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

AIX7-00-003013

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Change the mode of all the found passwd.nntp files that have mode more permissive than "0600" using command:
# chmod 0600 <passwd.nntp_file>

Check Contents

If NNTP is not being used, this is Not Applicable.

Check passwd.nntp file permissions using command:
# find / -name passwd.nntp -exec ls -lL {} \;

The above command may yield the following output:
-rw------- 1 root system 19 Oct 16 10:46 /etc/news/passwd.nntp

If a "passwd.nntp" file has a mode more permissive than "0600", this is a finding.

Vulnerability Number

V-215327

Documentable

False

Rule Version

AIX7-00-003013

Severity Override Guidance

If NNTP is not being used, this is Not Applicable.

Check passwd.nntp file permissions using command:
# find / -name passwd.nntp -exec ls -lL {} \;

The above command may yield the following output:
-rw------- 1 root system 19 Oct 16 10:46 /etc/news/passwd.nntp

If a "passwd.nntp" file has a mode more permissive than "0600", this is a finding.

Check Content Reference

M

Target Key

4012

Comments