Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-925 | GEN002300 | SV-38506r1_rule | ECCD-1 ECCD-2 | Medium |
Description |
---|
System backups could be accidentally or maliciously overwritten and destroy the ability to recover the system if a compromise should occur. Unauthorized users could also copy system files. |
STIG | Date |
---|---|
HP-UX 11.23 Security Technical Implementation Guide | 2015-06-12 |
Check Text ( C-36416r1_chk ) |
---|
Check the system for device files read/write enabled for users other than root or the backup user. Example: # find / \( -perm -0020 -o -perm -0040 -o -perm -0002 -o -perm -0004 \) -a \( -type b -o -type c -o -type n \) -exec ls -ld {} \; If any device files used for backup are read/write enabled for users other than root, this is a finding. |
Fix Text (F-31754r1_fix) |
---|
Use the chmod command to remove the read/write bit(s) from the backup device files. # chmod o-r # chmod o-w # chmod g-r # chmod g-w Document all changes. |