GEN000000-LNX00400 - The /etc/security/access.conf file must be owned by root.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The /etc/security/access.conf file contains entries restricting access from the system console by authorized System Administrators. If the file is owned by a user other than root, it could compromise the system.

Solution

Follow the correct configuration parameters for access configuration file. Use the chown command to configure it properly.
(for example:
# chown root /etc/security/access.conf
).

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_5_V1R14_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, CAT|II, CCI|CCI-000225, CCI|CCI-000366, CSCv6|3.1, Rule-ID|SV-62875r1_rule, STIG-ID|GEN000000-LNX00400, Vuln-ID|V-1025

Plugin: Unix

Control ID: 50855e3d7b9504c710f401f267381ba35f14ed18b2b331af49a1e398c72ae5ca