System start-up files must only execute programs owned by a privileged UID or an application.


Overview

Finding ID: V-4091
Version: GEN001700
Rule ID: SV-38422r1_rule
IA Controls: DCSL-1
Severity: Medium
Description
System start-up files that execute programs owned by other than root (or another privileged user) or an application indicate that the system may have been compromised.
STIG: HP-UX 11.23 Security Technical Implementation Guide
Date: 2015-12-02

Details

Check Text (C-36374r2_chk)
Determine the ownership of programs executed by system start-up files.
# more `ls -alL /sbin/init.d/* | tr '\011' ' ' | tr -s ' ' | cut -f 9,9 -d " "`

If any executed program is not owned by root, sys, bin, or in rare cases, an application account, this is a finding.
Fix Text (F-31712r2_fix)
Change the ownership of the file executed from system startup scripts to root, bin, sys, or the application account, where required.
# chown root <file>
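
The check above pages through each start-up script so that the programs it runs can be inspected by hand. The following added example is not part of the STIG: it automates the ownership comparison for absolute paths written literally in the scripts. The function names and the path-extraction heuristic are assumptions of this example, and paths built from shell variables still need manual review.

```sh
#!/bin/sh
# Added example (not part of the STIG): report programs referenced by
# start-up scripts whose owner is not in an allowed list.
# Function names and the path-extraction heuristic are assumptions.

# owner_of FILE: print the owner (name or numeric UID), following symlinks.
owner_of() {
    ls -ldL "$1" 2>/dev/null | awk '{ print $3 }'
}

# list_programs DIR: print each absolute path written literally in the
# scripts under DIR, ignoring comments. Paths built from variables are
# not resolved and still need manual review.
list_programs() {
    cat "$1"/* 2>/dev/null | awk '
        { sub(/#.*/, "")
          n = split($0, tok, "[^A-Za-z0-9_./+-]+")
          for (i = 1; i <= n; i++) if (tok[i] ~ /^\//) print tok[i] }' | sort -u
}

# audit_startup DIR "OWNER ...": print one FINDING line per executable
# regular file whose owner is not in the space-separated allowed list.
audit_startup() {
    as_dir=$1
    as_allowed=${2:-"root sys bin"}
    list_programs "$as_dir" | while read -r as_path; do
        [ -f "$as_path" ] && [ -x "$as_path" ] || continue
        as_owner=$(owner_of "$as_path")
        case " $as_allowed " in
            *" $as_owner "*) ;;
            *) echo "FINDING: $as_path owned by $as_owner" ;;
        esac
    done
}
```

On the target host, run `audit_startup /sbin/init.d "root sys bin"` as root, adding an application account to the list only where a program legitimately belongs to it.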