Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-215169 | AIX7-00-001000 | SV-215169r508663_rule | Medium |
Description |
---|
The "/etc/security/mkuser.sys.custom" is called by "/etc/security/mkuser.sys" to customize the new user account when a new user is created, or a user is logging into the system without a home directory. An improper "/etc/security/mkuser.sys.custom" script increases the risk that non-privileged users may obtain elevated privileges. It must not exist unless it is needed. |
STIG | Date |
---|---|
IBM AIX 7.x Security Technical Implementation Guide | 2021-06-16 |
Check Text ( C-16367r293958_chk ) |
---|
Check if the "/etc/security/mkuser.sys.custom" file exists: # ls /etc/security/mkuser.sys.custom If the above command shows the file exists, this is a finding. |
Fix Text (F-16365r293959_fix) |
---|
Remove the "/etc/security/mkuser.sys.custom" file using the following command: # rm /etc/security/mkuser.sys.custom |