STIGQter STIGQter: STIG Summary: Oracle Linux 5 Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 26 Oct 2018: The smbpasswd file must be group-owned by root.

DISA Rule

SV-64069r1_rule

Vulnerability Number

V-1058

Group Title

GEN006180

Rule Version

GEN006180

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Use the chgrp command to ensure that the group owner of the smbpasswd file is root.

For instance:
# chgrp root /etc/samba/passdb.tdb /etc/samba/secrets.tdb

Check Contents

Check "smbpasswd" ownership:

# ls -lL /etc/samba/passdb.tdb /etc/samba/secrets.tdb

If the "smbpasswd" file is not group-owned by root, this is a finding.

Vulnerability Number

V-1058

Documentable

False

Rule Version

GEN006180

Severity Override Guidance

Check "smbpasswd" ownership:

# ls -lL /etc/samba/passdb.tdb /etc/samba/secrets.tdb

If the "smbpasswd" file is not group-owned by root, this is a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

2207

Comments