Details

The /etc/netsvc.conf file is used to specify the ordering of name resolution for the sendmail command, alias resolution for the sendmail command, and host name resolution routines. Malicious changes could prevent the system from functioning correctly or compromise system security.

Solution

Change the group owner of the /etc/netsvc.conf file to bin, sys, or system.

Procedure:
# chgrp system /etc/netsvc.conf

Supportive Information

The following resource is also helpful.

• https://iasecontent.disa.mil/stigs/zip/U_AIX_6-1_V1R14_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.

References

• 800-53|AC-6
• CAT|II
• CCI|CCI-000225
• CSCv6|3.1
• Group-ID|V-29492
• Rule-ID|SV-38696r1_rule
• STIG-ID|GEN000000-AIX0090
• Vuln-ID|V-29492

Source

• Tenable.com/audits