GEN004920 - The ftpusers file must be owned by root.

Information

If the file ftpusers is not owned by root, an unauthorized user may modify the file to allow unauthorized accounts to use FTP.

Solution

Change the owner of the ftpusers file to root.
# chown root /etc/ftpd/ftpusers

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SOL_10_SPARC_V2R4_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-3(4), CAT|II, CCI|CCI-002165, Rule-ID|SV-226950r854441_rule, STIG-ID|GEN004920, STIG-Legacy|SV-28410, STIG-Legacy|V-842, Vuln-ID|V-226950

Plugin: Unix

Control ID: 0380187aaf4cf492ddf7a420cc1a8b3e4d03a93f358061eb9de6b26128bd51bf