Startup file protection (UNIX)

Module: User Files

This check reports user startup files that do not have the proper ownership or permissions. Use the file permissions list to specify the names and expected permissions of the startup files for each user. To exclude specific users and user groups from the check, use the Users to skip for Startup file protection option.

The following table lists the error messages for the check.

Table: Error messages for Startup file protection

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: STKU_USRSNOTOWNER

Category: System Error

UNIX (5440)

Title: User does not own user startup file

Description: The named user startup file is in the user directory tree but is not owned by the user. Either the user ID or group ID of the file does not match the user ID or group ID of the user, as defined in /etc/passwd. This is a security problem if the incorrect ownership allows unauthorized access to the files. Authorized users can also be prevented from accessing the files. You should change the user or group ownership of the file.

Severity: yellow-1

Correctable: true

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_BADPERM

Category: System Error

UNIX (5441)

Title: Inadequate file permissions

Description: The named file has permissions that either allow too much group or other access or include execute permission when it is not needed. Unauthorized access to files can provide intruders with information that is helpful in breaking into these accounts. Use the chmod command to set file permissions to the suggested value.

Severity: yellow-1

Correctable: true

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]
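
The two conditions described above can be reproduced by hand for spot checks. The following Python sketch is an added example, not the product's implementation. The EXPECTED list, the skip_users parameter, and the rule that any permission bit beyond the expected mode counts as a finding are assumptions made for illustration.

```python
import os
import pwd
import stat

# Assumed file permissions list: startup file name -> expected (maximum) mode.
EXPECTED = {
    ".profile": 0o644,
    ".bashrc": 0o644,
    ".cshrc": 0o644,
    ".login": 0o644,
}


def check_file(path, uid, gid, expected_mode):
    """Return the message string IDs that apply to one startup file."""
    st = os.lstat(path)
    findings = []
    # Ownership: file UID and GID must both match the user's passwd entry.
    if st.st_uid != uid or st.st_gid != gid:
        findings.append("STKU_USRSNOTOWNER")
    # Permissions: any bit set outside the expected mode (extra group or
    # other access, or an unneeded execute bit) is reported.
    if stat.S_IMODE(st.st_mode) & ~expected_mode:
        findings.append("STKU_BADPERM")
    return findings


def audit(skip_users=(), expected=EXPECTED):
    """Check every passwd user's startup files; return (user, path, id) tuples."""
    results = []
    for pw in pwd.getpwall():
        if pw.pw_name in skip_users or not os.path.isdir(pw.pw_dir):
            continue
        for name, mode in expected.items():
            path = os.path.join(pw.pw_dir, name)
            # Symbolic links are skipped: lstat reports the link, not the target.
            if os.path.islink(path) or not os.path.exists(path):
                continue
            for msg in check_file(path, pw.pw_uid, pw.pw_gid, mode):
                results.append((pw.pw_name, path, msg))
    return results


if __name__ == "__main__":
    for user, path, msg in audit(skip_users=("root",)):
        print(f"{msg}: {user} [{path}]")
```

Run it with enough privilege to read every home directory; otherwise files in unreadable directories are silently treated as absent.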