UCF STIG Viewer Logo

The /etc/ftpaccess.ctl file must be group-owned by root, bin, sys, or system.


Overview

Finding ID Version Rule ID IA Controls Severity
V-29521 GEN000000-AIX0330 SV-38752r1_rule ECLP-1 Medium
Description
If the ftpaccess.ctl file is not group-owned by root or a system group, an unauthorized user may modify the file to allow unauthorized access to modify the file. Unauthorized modification could result in Denial of Service to authorized FTP users or permit unauthorized access to system information.
STIG Date
Draft AIX Security Technical Implementation Guide 2011-08-17

Details

Check Text ( C-37821r1_chk )
Check the group ownership of the ftpaccess.ctl file.

# ls -lL /etc/ftpaccess.ctl

If the /etc/ftpaccess.ctl file is not group-owned by root, bin, sys, or system, this is a finding.
Fix Text (F-33079r1_fix)
Change the group owner of the /etc/ftpaccess.ctl file.

# chgrp system /etc/ftpaccess.ctl