UCF STIG Viewer Logo

Device files used for backup must only be readable and/or writable by root or the backup user.


Overview

Finding ID Version Rule ID IA Controls Severity
V-925 GEN002300 SV-38506r1_rule ECCD-1 ECCD-2 Medium
Description
System backups could be accidentally or maliciously overwritten and destroy the ability to recover the system if a compromise should occur. Unauthorized users could also copy system files.
STIG Date
HP-UX 11.23 Security Technical Implementation Guide 2015-12-02

Details

Check Text ( C-36416r1_chk )
Check the system for device files read/write enabled for users other than root or the backup user.

Example:
# find / \( -perm -0020 -o -perm -0040 -o -perm -0002 -o -perm -0004 \) -a \( -type b -o -type c -o -type n \) -exec ls -ld {} \;
If any device files used for backup are read/write enabled for users other than root, this is a finding.
Fix Text (F-31754r1_fix)
Use the chmod command to remove the read/write bit(s) from the backup device files.

# chmod o-r
# chmod o-w
# chmod g-r
# chmod g-w


Document all changes.