AIX Security Basics

Verify the Correct Startup Programs and Permissions

Chapter 4 | AIX eCourse

If your system startup files are not owned by root or don’t have a group owner of a system group, malicious users will be able to modify them for unauthorized purposes. To prevent this, change the incorrect owners of the run control scripts to something that is more restrictive. For example, chown root will change the owner to root, while chgroup sys will change the group owner to sys (default members of sys include root, bin, and sys).

From there, check the ownership of any files executed from startup scripts. Even if you have secured your startup file, but the file executes insecure applications, your system can still be compromised. Change ownerships of the files that are executed down in those startups if they aren't owned by root, bin, sys, or some other system owner.




Want to identify more security weaknesses?

Find out where your system security currently stands, whether your system is at risk, and how to improve data protection with our free security scan.