GEN003020 - Cron must not execute programs in, or subordinate to, world-writable directories.

Information

If cron programs are located in or subordinate to world-writable directories, they become vulnerable to removal and replacement by malicious users or system intruders.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Remove the world-writable permission from the cron program directories identified.

Procedure:
# chmod o-w <cron program directory>

See Also

https://iasecontent.disa.mil/stigs/zip/U_AIX_6-1_V1R14_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6, CAT|II, CCI|CCI-000225, Group-ID|V-977, Rule-ID|SV-38947r1_rule, STIG-ID|GEN003020, Vuln-ID|V-977

Plugin: Unix

Control ID: f124b9c4ef8b38ba23adf940f3df2b413bd211d07ac102031d1ba76ef7374712