GEN000000-LNX00420 - The /etc/security/access.conf file must have a privileged group owner.

Information

Depending on the access restrictions of the /etc/security/access.conf file, if the group owner were not a privileged group, it could endanger system security.

Solution

Use the chgrp command to ensure the group owner is root, sys, or bin.
(for example:
# chgrp root /etc/security/access.conf

).

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_5_V2R1_STIG.zip

Item Details

Category: ACCESS CONTROL, CONFIGURATION MANAGEMENT

References: 800-53|AC-6, 800-53|CM-6b., CAT|II, CCI|CCI-000225, CCI|CCI-000366, Rule-ID|SV-218172r603259_rule, STIG-ID|GEN000000-LNX00420, STIG-Legacy|SV-62901, STIG-Legacy|V-1054, Vuln-ID|V-218172

Plugin: Unix

Control ID: e41e155f8f35c7420e8b678f5b00893f8c372ec419a252fd10574aa14f78034e