Detections
Analytics
AIX7-00-001000 - AIX /etc/security/mkuser.sys.custom file must not exist unless it is needed for customizing a new user account.
Warning! Audit Deprecated
This audit has been deprecated and will be removed in a future update.
View Next Audit VersionInformation
The '/etc/security/mkuser.sys.custom' is called by '/etc/security/mkuser.sys' to customize the new user account when a new user is created, or a user is logging into the system without a home directory. An improper '/etc/security/mkuser.sys.custom' script increases the risk that non-privileged users may obtain elevated privileges. It must not exist unless it is needed.Solution
Remove the '/etc/security/mkuser.sys.custom' file using the following command:# rm /etc/security/mkuser.sys.custom
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_IBM_AIX_7-x_V2R8_STIG.zip
Item Details
Audit Name: DISA STIG AIX 7.x v2r8
References: CAT|II, CCI|CCI-000015, Rule-ID|SV-215169r508663_rule, STIG-ID|AIX7-00-001000, STIG-Legacy|SV-101313, STIG-Legacy|V-91213, Vuln-ID|V-215169
Plugin: Unix
Control ID: d3fd7b8bd65a4bbad31f29a93e804301a9c66e689121b04789e44590338dd4b2