| GEN000930 - The root account's home directory must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001140 - System files and directories must not have uneven access permissions - '/usr/lbin' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001280 - Manual page files must have mode 0644 or less permissive - '/usr/share/infopage/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001280 - Manual page files must have mode 0644 or less permissive - '/usr/share/man/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001290 - All manual page files must not have extended ACLs - '/usr/share/infopage/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001290 - All manual page files must not have extended ACLs - '/usr/share/man/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001320 - NIS/NIS+/yp files must be owned by root, sys, or bin - '/var/yp/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001361 - NIS/NIS+/yp command files must not have extended ACLs - '/var/nis' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001361 - NIS/NIS+/yp command files must not have extended ACLs - '/var/yp' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001363 - The /etc/resolv.conf file must be group-owned by bin, sys, or system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001367 - The /etc/hosts file must be group-owned by bin, sys, or system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001369 - The /etc/hosts file must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001372 - The /etc/nsswitch.conf file must be group-owned by root, bin, sys, or system - Not Applicable | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001420 - The /etc/security/passwd file must have mode 0400. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001520 - All interactive users' home directories must be group-owned by the home directory owner's primary group. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001560 - All files and directories contained in user's home directories must have mode 0750 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001590 - All run control scripts must have no extended ACLs - '/etc/rc*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001640 - Run control scripts must not execute world-writable programs or scripts. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001720 - All global initialization files must have mode 0644 or less permissive - '/etc/csh.login' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001740 - All global initialization files must be owned by root - '/etc/environment' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001760 - All global initialization files must be group-owned by sys, bin, system, or security - '/etc/csh.cshrc' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001820 - All skeleton files and directories (typically in /etc/skel) must be owned by root or bin - '/etc/security/mkuser.sys' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001870 - Local initialization files must be group-owned by the user's primary group or root - '~/.bash_profile' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001870 - Local initialization files must be group-owned by the user's primary group or root - '~/.bashrc' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001870 - Local initialization files must be group-owned by the user's primary group or root - '~/.cshrc' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001880 - All local initialization files must have mode 0740 or less permissive - '~/.dispatch' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001880 - All local initialization files must have mode 0740 or less permissive - '~/.exrc' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002300 - Device files used for backup must only be readable and/or writable by root or the backup user - '/dev/cd*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002300 - Device files used for backup must only be readable and/or writable by root or the backup user - '/dev/rmt*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002980 - The cron.allow file must have mode 0640 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must be included in the cron.allow file - 'lpd' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must be included in the cron.allow file - 'nobody' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must be included in the cron.allow file - 'sshd' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must GEN003580be included in the cron.deny file - 'sshd' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003110 - Cron and crontab directories must not have extended ACLs - '/var/spool/cron' - no acls enabled | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003140 - Cron and crontab directories must be group-owned by system, sys, bin, or cron. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003180 - The cronlog file must have mode 0600 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003240 - The cron.allow file must be owned by root, bin, or sys. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005190 - The .Xauthority files must not have extended ACLs. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005320 - The snmpd.conf file must have mode 0600 or less permissive - '/etc/snmpdv3.conf' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005360 - The snmpd.conf file must be owned by root - '/etc/snmpd.conf' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005523 - The SSH private host key files must have mode 0600 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006160 - The /var/private/smbpasswd file must be owned by root. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006270 - The /etc/news/hosts.nntp file must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006280 - The /etc/news/hosts.nntp.nolimit (or equivalent) must have mode 0600 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006290 - The /etc/news/hosts.nntp.nolimit file must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006320 - The /etc/news/passwd.nntp file (or equivalent) must have mode 0600 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006340 - Files in /etc/news must be owned by root or news. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN008100 - If the system is using LDAP the /etc/ldap.conf file must be group-owned by security, bin, sys, or system | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN008160 - The TLS certificate authority file and/or directory (as appropriate) must be group-owned by root, bin, sys, or system | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
