Detections
Analytics
GEN002360 - Audio devices must be group-owned by root, sys, bin, or system.
Information
Without privileged group owners, audio devices will be vulnerable to being used as eaves-dropping devices by malicious users or intruders to possibly listen to conversations containing sensitive information.Solution
Change the group owner of the audio device.Procedure:
# chgrp system <audio device>
See Also
http://iasecontent.disa.mil/stigs/zip/U_STIG_Library_2015_07.zip
Item Details
Audit Name: DISA AIX 5.3 STIG v1r2
Category: CONFIGURATION MANAGEMENT
References: 800-53|CM-6, CAT|II, CCI|CCI-000225, CSCv6|3.1, Rule-ID|SV-27253r1_rule, STIG-ID|GEN002360, Vuln-ID|V-1061
Plugin: Unix
Control ID: 4e2c03561ab59ba130b2b648c832aecf47b19c355fd7359f5da65d8591f08021