| GEN000930 - The root account's home directory must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001140 - System files and directories must not have uneven access permissions - '/usr/lbin' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001280 - Manual page files must have mode 0644 or less permissive - '/usr/share/infopage/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001280 - Manual page files must have mode 0644 or less permissive - '/usr/share/man/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001290 - All manual page files must not have extended ACLs - '/usr/share/infopage/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001290 - All manual page files must not have extended ACLs - '/usr/share/man/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001320 - NIS/NIS+/yp files must be owned by root, sys, or bin - '/var/yp/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001361 - NIS/NIS+/yp command files must not have extended ACLs - '/var/nis' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001361 - NIS/NIS+/yp command files must not have extended ACLs - '/var/yp' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001363 - The /etc/resolv.conf file must be group-owned by bin, sys, or system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001367 - The /etc/hosts file must be group-owned by bin, sys, or system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001369 - The /etc/hosts file must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001372 - The /etc/nsswitch.conf file must be group-owned by root, bin, sys, or system - Not Applicable | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001420 - The /etc/security/passwd file must have mode 0400. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001520 - All interactive users' home directories must be group-owned by the home directory owner's primary group. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001560 - All files and directories contained in user's home directories must have mode 0750 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001590 - All run control scripts must have no extended ACLs - '/etc/rc*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001640 - Run control scripts must not execute world-writable programs or scripts. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must be included in the cron.deny file - 'ipsec' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must be included in the cron.deny file - 'lp' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must be included in the cron.deny file - 'nobody' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003220 - Cron programs must not set the umask to a value less restrictive than 077. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'adm' - at.allow | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'adm' - at.deny | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'daemon' - at.deny | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'esaadmin' - at.allow | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'invscout' - at.allow | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'ipsec' - at.deny | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'pconsole' - at.deny | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'sshd' - at.allow | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'sys' - at.allow | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'uucp' - at.allow | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003340 - The at.allow file must have mode 0640 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003380 - The 'at' daemon must not execute programs in, or subordinate to, world-writable directories. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003770 - The services file must be group-owned by bin, sys, or system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003790 - The services file must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN004500 - The SMTP service log file must have mode 0644 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN004940 - The ftpusers file must have mode 0640 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005365 - The snmpd.conf file must be group-owned by bin, sys, or system - '/etc/snmpdv3.conf' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005390 - The /etc/syslog.conf file must have mode 0640 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005400 - The /etc/syslog.conf file must be owned by root. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005420 - The /etc/syslog.conf file must be group-owned by bin, sys, or system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005900 - The nosuid option must be enabled on all NFS client mounts. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006150 - The /usr/lib/smb.conf file must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006180 - The /var/private/smbpasswd file must be group-owned by sys or system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006220 - The smb.conf file must use the hosts option to restrict access to Samba. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006300 - The /etc/news/nnrp.access (or equivalent) must have mode 0600 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006360 - The files in /etc/news must be group-owned by system or news. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN008060 - If the system is using LDAP the /etc/ldap.conf file must have mode 0644 or less permissive | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN008140 - The TLS certificate authority file and/or directory (as appropriate) must be owned by root | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
