GEN005365 - The snmpd.conf file must be group-owned by bin, sys, or system - '/etc/snmpdv3.conf'

Information

The snmpd.conf file contains authenticators and must be protected from unauthorized access and modification. If the file is not group-owned by a system group, it may be subject to access and modification from unauthorized users.

Solution

Change the group owner of the SNMP configuration files.
Procedure:
# chgrp system /etc/snmpd.conf
# chgrp system /etc/snmpdv3.conf

See Also

http://iasecontent.disa.mil/stigs/zip/U_STIG_Library_2015_07.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6, CAT|II, CCI|CCI-000225, Rule-ID|SV-38921r1_rule, STIG-ID|GEN005365, Vuln-ID|V-22451

Plugin: Unix

Control ID: 2c2bfc1a8819c3723e514c5a5967f023dae5dd709a26441e1a318f01affb330f