GEN004920 - The ftpusers file must be owned by root - '/etc/ftpusers'

Information

If the file ftpusers is not owned by root, an unauthorized user may modify the file to allow unauthorized accounts to use FTP.

Solution

Change the owner of the ftpusers file to root.
For gssftp:
# chown root /etc/ftpusers

For vsftp:
# chown root /etc/vsftpd.ftpusers /etc/vsftpd/ftpusers

See Also

http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6, CAT|II, CCI|CCI-000225, Group-ID|V-842, Rule-ID|SV-37537r1_rule, STIG-ID|GEN004920, Vuln-ID|V-842

Plugin: Unix

Control ID: aca4ef325c05a4a734d601ca96ad150b3bffd74f32c80498d0ccaf39894b0e35