Disk and memory access (UNIX)

Module: Object Integrity

This check verifies that disk and memory special device files are owned by a privileged UID or a privileged GID and do not provide any other access.

The following table lists the error messages for the check.

Table: Error messages for Disk and memory access

Message String ID and Category	Platform and Message Numeric ID	Message Title and Description	Additional Information
String ID: STKU_ACCUSR Category: Policy Compliance	UNIX (6233)	Title: Improperly owned special device file Description:The disk or memory special device files listed below are owned by a UID that is non-privileged. This can allow unauthorized access to the disk or system memory. You should change the UID to 0.	Severity: red-4 Correctable: true Snapshot Updatable: false Template Updatable: false Information Field Format: [%s]
String ID: STKU_ACCGRP Category: Policy Compliance	UNIX (6234)	Title: Special device file with non-privileged group access Description:The disk or memory special device files listed below allow group access and are owned by a GID that is non-privileged. This can allow unauthorized access to the disk or system memory. You should change the GID to 3.	Severity: red-4 Correctable: true Snapshot Updatable: false Template Updatable: false Information Field Format: [%s]
String ID: STKU_ACCOTH Category: Policy Compliance	UNIX (6235)	Title: Special device file with other access Description:The disk or memory special device files listed below allow other access. This can allow unauthorized access to the disk or system memory. You should remove other access.	Severity: red-4 Correctable: true Snapshot Updatable: false Template Updatable: false Information Field Format: [%s]

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: STKU_ACCUSR

Category: Policy Compliance

UNIX (6233)

Title: Improperly owned special device file

Description:The disk or memory special device files listed below are owned by a UID that is non-privileged. This can allow unauthorized access to the disk or system memory. You should change the UID to 0.

Severity: red-4

Correctable: true

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_ACCGRP

Category: Policy Compliance

UNIX (6234)

Title: Special device file with non-privileged group access

Description:The disk or memory special device files listed below allow group access and are owned by a GID that is non-privileged. This can allow unauthorized access to the disk or system memory. You should change the GID to 3.

Severity: red-4

Correctable: true

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_ACCOTH

Category: Policy Compliance

UNIX (6235)

Title: Special device file with other access

Description:The disk or memory special device files listed below allow other access. This can allow unauthorized access to the disk or system memory. You should remove other access.

Severity: red-4

Correctable: true

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]