STIGQter STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:

The AIX root user home directory must not be the root directory (/).

DISA Rule

SV-215434r508663_rule

Vulnerability Number

V-215434

Group Title

SRG-OS-000480-GPOS-00230

Rule Version

AIX7-00-003140

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

The root home directory should be something other than "/" (such as /root).

Run commands:
# mkdir /root
# chown root /root
# chgrp system /root
# chmod 700 /root

Then, edit the passwd file and change the root home directory to "/root".

Check Contents

Determine if root is assigned a home directory other than "/" by listing its home directory by running command:

# grep "^root" /etc/passwd | awk -F":" '{print $6}'
/root

If the root user's home directory is "/", this is a finding.

Vulnerability Number

V-215434

Documentable

False

Rule Version

AIX7-00-003140

Severity Override Guidance

Determine if root is assigned a home directory other than "/" by listing its home directory by running command:

# grep "^root" /etc/passwd | awk -F":" '{print $6}'
/root

If the root user's home directory is "/", this is a finding.

Check Content Reference

M

Target Key

4012

Comments