GEN000000-AIX0320 - The /etc/ftpaccess.ctl file must be owned by root.

Information

If the ftpaccess.ctl file is not owned by root, an unauthorized user may modify the file to allow unauthorized access to change the file. Unauthorized modification could result in Denial of Service to authorized FTP users or permit unauthorized access to system information.

Solution

Change the owner of the ftpaccess.ctl file to root.
# chown root /etc/ftpaccess.ctl

See Also

http://iasecontent.disa.mil/stigs/zip/U_STIG_Library_2015_07.zip

Item Details

Category: ACCESS CONTROL, CONFIGURATION MANAGEMENT

References: 800-53|AC-6, 800-53|CM-6b., CAT|II, CCI|CCI-000225, CCI|CCI-000366, Rule-ID|SV-38751r1_rule, STIG-ID|GEN000000-AIX0320, Vuln-ID|V-29520

Plugin: Unix

Control ID: b142f74eb0e3457f99b51c627fca52b2daffcddb8899810e6b0b7e6665f594d4