GEN000000-LNX00400 - The /etc/security/access.conf file must be owned by root.

Information

The /etc/access.conf file contains entries restricting access from the system console by authorized System Administrators. If the file is owned by a user other than root, it could compromise the system.

Solution

Follow the correct configuration parameters for access configuration file. Use the chown command to configure it properly.
(for example:
# chown root /etc/security/access.conf
).

See Also

http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip

Item Details

Category: ACCESS CONTROL, CONFIGURATION MANAGEMENT

References: 800-53|AC-6, 800-53|CM-6b., CAT|II, CCI|CCI-000225, CCI|CCI-000366, Group-ID|V-1025, Rule-ID|SV-37224r1_rule, STIG-ID|GEN000000-LNX00400, Vuln-ID|V-1025

Plugin: Unix

Control ID: fe3dffb2350b33ad92e9cd49d6053999c3ac2c2d45922e621ea217e2022c3b3b