GEN001800 - All skeleton files (typically those in /etc/skel) must have mode 0644 or less permissive - '/etc/security/mkuser.sys'

Information

If the skeleton files are not protected, unauthorized personnel could change user startup parameters and possibly jeopardize user files.

Solution

Change the mode of skeleton files with incorrect mode.
# chmod 0644 /etc/security/.profile
# chmod 0755 /etc/security/mkuser.sys

See Also

https://iasecontent.disa.mil/stigs/zip/U_AIX_6-1_V1R14_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6, CAT|II, CCI|CCI-000225, Group-ID|V-788, Rule-ID|SV-38735r1_rule, STIG-ID|GEN001800, Vuln-ID|V-788

Plugin: Unix

Control ID: f2c5a73e5bd893ca4d15965023a7fc106ae22a43ee50371e844fdf2e75a4da4b