Detections
Analytics
GEN000000-LNX00400 - The /etc/security/access.conf file must be owned by root.
Information
The /etc/access.conf file contains entries restricting access from the system console by authorized System Administrators. If the file is owned by a user other than root, it could compromise the system.Solution
Follow the correct configuration parameters for access configuration file. Use the chown command to configure it properly.(for example:
# chown root /etc/security/access.conf
).
See Also
http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip
Item Details
Category: ACCESS CONTROL, CONFIGURATION MANAGEMENT
References: 800-53|AC-6, 800-53|CM-6b., CAT|II, CCI|CCI-000225, CCI|CCI-000366, Group-ID|V-1025, Rule-ID|SV-37224r1_rule, STIG-ID|GEN000000-LNX00400, Vuln-ID|V-1025
Plugin: Unix
Control ID: fa46af3b8dca52f502eb1b721ca9b77f6a07afc68fe2d90e26a6ea093336fbaa