STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:

The AIX /etc/group file must have mode 0644 or less permissive.

DISA Rule

SV-215282r508663_rule

Vulnerability Number

V-215282

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

AIX7-00-002091

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Change the mode of the "/etc/group" file to "0644":
# chmod 0644 /etc/group

Check Contents

Verify the "/etc/group" file has the mode "0644" using command:
# ls -l /etc/group

The above command should yield the following output:
-rw-r--r-- 1 root security 387 Sep 06 11:40 /etc/group

If the file does not have mode "0644" or less permissive, this is a finding.

Vulnerability Number

V-215282

Documentable

False

Rule Version

AIX7-00-002091

Severity Override Guidance

Verify the "/etc/group" file has the mode "0644" using command:
# ls -l /etc/group

The above command should yield the following output:
-rw-r--r-- 1 root security 387 Sep 06 11:40 /etc/group

If the file does not have mode "0644" or less permissive, this is a finding.

Check Content Reference

M

Target Key

4012

Comments