Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-22308 | GEN000850 | SV-26348r1_rule | ECLP-1 | Low |
Description |
---|
Configuring a supplemental group for users permitted to switch to the root user prevents unauthorized users from accessing the root account, even with knowledge of the root credentials. |
STIG | Date |
---|---|
VMware ESX 3 Server | 2016-05-13 |
Check Text ( C-27455r1_chk ) |
---|
Consult vendor documentation to determine if a specific configuration setting is available to restrict the ability to switch to the root user. If there is, and this is not configured, this is a finding. If there is not specific configuration, verify su is group-owned by the group permitted to access root and has no other execute permission. Procedure: # ls -l /bin/su If the group owner is not the group permitted access to root, or if /bin/su is executable by other users, this is a finding. |
Fix Text (F-23524r1_fix) |
---|
If the OS has a specific configuration setting to restrict access to root to a particular group, configure this in accordance with vendor documentation. Otherwise, change the group ownership of su to the group permitted root access, and remove any other execute permission. Procedure: # chgrp # chmod o-x /bin/su |