| GEN000930 - The root account's home directory must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001140 - System files and directories must not have uneven access permissions - '/usr/lbin' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001280 - Manual page files must have mode 0644 or less permissive - '/usr/share/infopage/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001280 - Manual page files must have mode 0644 or less permissive - '/usr/share/man/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001290 - All manual page files must not have extended ACLs - '/usr/share/infopage/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001290 - All manual page files must not have extended ACLs - '/usr/share/man/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001320 - NIS/NIS+/yp files must be owned by root, sys, or bin - '/var/yp/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001361 - NIS/NIS+/yp command files must not have extended ACLs - '/var/nis' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001361 - NIS/NIS+/yp command files must not have extended ACLs - '/var/yp' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001363 - The /etc/resolv.conf file must be group-owned by bin, sys, or system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001367 - The /etc/hosts file must be group-owned by bin, sys, or system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001369 - The /etc/hosts file must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001372 - The /etc/nsswitch.conf file must be group-owned by root, bin, sys, or system - Not Applicable | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001420 - The /etc/security/passwd file must have mode 0400. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001520 - All interactive users' home directories must be group-owned by the home directory owner's primary group. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001560 - All files and directories contained in user's home directories must have mode 0750 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001590 - All run control scripts must have no extended ACLs - '/etc/rc*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001640 - Run control scripts must not execute world-writable programs or scripts. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001720 - All global initialization files must have mode 0644 or less permissive - '/etc/csh.login' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001740 - All global initialization files must be owned by root - '/etc/environment' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001760 - All global initialization files must be group-owned by sys, bin, system, or security - '/etc/csh.cshrc' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'sshd' - at.deny | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003410 - The at directory must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003440 - 'At' jobs must not set the umask to a value less restrictive than 077 - '/var/spool/cron/atjobs/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003521 - The kernel core dump data directory must be group-owned by bin, sys, or system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003720 - The inetd.conf file, xinetd.conf file, and the xinetd.d directory must be owned by root or bin - 'inetd.conf' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003730 - The inetd.conf file, xinetd.conf file, and the xinetd.d directory must be group-owned by bin, sys, or system - 'inetd.conf' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003730 - The inetd.conf file, xinetd.conf file, and the xinetd.d directory must be group-owned by bin, sys, or system - 'xinetd.conf' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003930 - The hosts.lpd (or equivalent) file must be group-owned by bin, sys, or system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003950 - The hosts.lpd (or equivalent) file must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN004000 - The traceroute file must have mode 0700 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN004010 - The traceroute file must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN004370 - The aliases file must be group-owned by sys, bin, or system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN004380 - The alias file must have mode 0644 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN004400 - Files executed through a mail aliases file must be owned by root. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN004920 - The ftpusers file must be owned by root. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005000 - Anonymous FTP accounts must not have a functional shell. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005040 - All FTP users must have a default umask of 077. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005120 - The TFTP daemon must be configured to vendor specs including a home directory owned by the TFTP user - 'tftp user shell' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005340 - Management Information Base (MIB) files must have mode 0640 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005360 - The snmpd.conf file must be owned by root - '/etc/snmpdv3.conf' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005365 - The snmpd.conf file must be group-owned by bin, sys, or system - '/etc/snmpd.conf' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005522 - The SSH public host key files must have mode 0644 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005536 - The SSH daemon must perform strict mode checking of home directory configuration files. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005537 - The SSH daemon must use privilege separation. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005740 - The NFS export configuration file must be owned by root. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006100 - The /usr/lib/smb.conf file must be owned by root. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006310 - The /etc/news/nnrp.access file must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN008080 - If the system is using LDAP the /etc/ldap.conf file must be owned by root | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN008200 - The LDAP TLS certificate authority file must not have an extended ACL | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
