UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The /etc/ftpaccess.ctl file must be owned by root.


Overview

Finding ID Version Rule ID IA Controls Severity
V-29520 GEN000000-AIX0320 SV-38751r1_rule ECLP-1 Medium
Description
If the ftpaccess.ctl file is not owned by root, an unauthorized user may modify the file to allow unauthorized access to change the file. Unauthorized modification could result in Denial of Service to authorized FTP users or permit unauthorized access to system information.
STIG Date
AIX 5.3 SECURITY TECHNICAL IMPLEMENTATION GUIDE 2014-10-03

Details

Check Text ( C-37820r1_chk )
Check the ownership of the /etc/ftpaccess.ctl file.

# ls -l /etc/ftpaccess.ctl

If the ftpaccess.ctl file is not owned by root, this is a finding.
Fix Text (F-33078r1_fix)
Change the owner of the ftpaccess.ctl file to root.

# chown root /etc/ftpaccess.ctl