STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to IBM AIX 7.x Security Technical Implementation Guide

V-215268

CAT II (Medium)

AIX system files, programs, and directories must be group-owned by a system group.

Rule ID

SV-215268r991560_rule

STIG

IBM AIX 7.x Security Technical Implementation Guide

Version

V3R2

CCIs

CCI-001499

Discussion

Restricting permissions will protect the files from unauthorized modification.

Check Content

Check the group ownership of system files, programs, and directories run the following command: 
# ls -lLa /etc /bin /usr/bin /usr/lbin /usr/ucb /sbin /usr/sbin 

If any system file, program, or directory is not group-owned by a system group, this is a finding. 

Note: For this check, the system-provided "ipsec" group is also acceptable.

Fix Text

Change the group owner of system files to a system group by running the following command:
 # chgrp sys /path/to/system/file 

Note: System groups other than "sys" may be used.