All AIX files and directories must have a valid owner.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-215340	AIX7-00-003034	SV-215340r508663_rule		Medium

Description
Unowned files do not directly imply a security problem, but they are generally a sign that something is amiss. They may be caused by an intruder, by incorrect software installation or draft software removal, or by failure to remove all files belonging to a deleted account. The files should be repaired so they will not cause problems when accounts are created in the future, and the cause should be discovered and addressed.

Description

Unowned files do not directly imply a security problem, but they are generally a sign that something is amiss. They may be caused by an intruder, by incorrect software installation or draft software removal, or by failure to remove all files belonging to a deleted account. The files should be repaired so they will not cause problems when accounts are created in the future, and the cause should be discovered and addressed.

STIG	Date
IBM AIX 7.x Security Technical Implementation Guide	2022-06-06

Details

Check Text ( C-16538r294471_chk )
Check the system for files with no assigned owner using the following command: # find / -nouser -print If any files have no assigned owner, this is a finding.

Fix Text (F-16536r294472_fix)
All directories and files (executable and data) will have an identifiable owner and group name. Either trace files to an authorized user, change the file's owner to "root", or delete them. Determine the legitimate owner of the files and use the "chown" command to set the owner and group to the correct value. If the legitimate owner cannot be determined, change the owner to "root" (but make sure none of the changed files remain executable because they could be trojan horses or other malicious code). Examine the files to determine their origin and the reason for their lack of an owner/group. From the command prompt, run the following command to set the owner and/or group on a file: # chown . /

Fix Text (F-16536r294472_fix)

All directories and files (executable and data) will have an identifiable owner and group name. Either trace files to an authorized user, change the file's owner to "root", or delete them. Determine the legitimate owner of the files and use the "chown" command to set the owner and group to the correct value. If the legitimate owner cannot be determined, change the owner to "root" (but make sure none of the changed files remain executable because they could be trojan horses or other malicious code). Examine the files to determine their origin and the reason for their lack of an owner/group.

From the command prompt, run the following command to set the owner and/or group on a file:
# chown . /