STIGQter STIGQter: STIG Summary: Oracle Linux 5 Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 26 Oct 2018: The /etc/security/access.conf file must have a privileged group owner.

DISA Rule

SV-62901r1_rule

Vulnerability Number

V-1054

Group Title

GEN000000-LNX00420

Rule Version

GEN000000-LNX00420

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Use the chgrp command to ensure the group owner is root, sys, or bin.
(for example:
# chgrp root /etc/security/access.conf

).

Check Contents

Check access configuration group ownership:

# ls -lL /etc/security/access.conf

If this file exists and has a group-owner that is not a privileged user, this is a finding.

Vulnerability Number

V-1054

Documentable

False

Rule Version

GEN000000-LNX00420

Severity Override Guidance

Check access configuration group ownership:

# ls -lL /etc/security/access.conf

If this file exists and has a group-owner that is not a privileged user, this is a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

2207

Comments