GEN001830 - All skeleton files (typically in /etc/skel) must be group-owned by security - '/etc/security/mkuser.sys'

Information

If the skeleton files are not protected, unauthorized personnel could change user start-up parameters and possibly jeopardize user files.

Solution

Change the group owner of the skeleton file to security.
Procedure:
# chgrp security /etc/security/.profile /etc/security/mkuser.sys

See Also

http://iasecontent.disa.mil/stigs/zip/U_STIG_Library_2015_07.zip

Item Details

Audit Name: DISA AIX 5.3 STIG v1r2

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, CAT|II, CCI|CCI-000225, CSCv6|3.1, Rule-ID|SV-38738r1_rule, STIG-ID|GEN001830, Vuln-ID|V-22358

Plugin: Unix

Control ID: 07b6c5e3f9bcf8abd8d14885df39880711ac26a7c67c7ecb0ea1a9d54c6e3670