STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 1 hour ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to IBM AIX 7.x Security Technical Implementation Guide

V-215268

CAT II (Medium)

AIX system files, programs, and directories must be group-owned by a system group.

Rule ID

SV-215268r991560_rule

STIG

IBM AIX 7.x Security Technical Implementation Guide

Version

V3R2

CCIs

CCI-001499

Discussion

Restricting permissions will protect the files from unauthorized modification.

Check Content

Check the group ownership of system files, programs, and directories run the following command: 
# ls -lLa /etc /bin /usr/bin /usr/lbin /usr/ucb /sbin /usr/sbin 

If any system file, program, or directory is not group-owned by a system group, this is a finding. 

Note: For this check, the system-provided "ipsec" group is also acceptable.

Fix Text

Change the group owner of system files to a system group by running the following command:
 # chgrp sys /path/to/system/file 

Note: System groups other than "sys" may be used.