AIX7-00-001033 - AIX default system accounts (with the exception of root) must not be listed in the cron.allow file or must be included in the cron.deny file, if cron.allow does not exist - snapp

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

To centralize the management of privileged account crontabs, of the default system accounts, only root may have a crontab.

Solution

Remove default system accounts (such as bin, sys, adm, or lpd) from the 'cron.allow' file, or add those accounts to the 'cron.deny' file.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_IBM_AIX_7-x_V2R6_STIG.zip

Item Details

References: CAT|II, CCI|CCI-000366, Rule-ID|SV-215192r508663_rule, STIG-ID|AIX7-00-001033, STIG-Legacy|SV-101707, STIG-Legacy|V-91609, Vuln-ID|V-215192

Plugin: Unix

Control ID: e7e15d3e19cbb0ad374ec0ee8a79a9297f4408ceebbcfcfa12c12efeb26441ce