Skip to content

IBM AIX 7.x Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • AIX must provide time synchronization applications that can synchronize the system clock to external time sources at least every 24 hours.

    <VulnDiscussion>Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the cor...
    Rule Medium Severity
  • SRG-OS-000480-GPOS-00227

    <GroupDescription></GroupDescription>
    Group
  • All AIX NFS anonymous UIDs and GIDs must be configured to values without permissions.

    &lt;VulnDiscussion&gt;When an NFS server is configured to deny remote root access, a selected UID and GID are used to handle requests from the remo...
    Rule Medium Severity
  • SRG-OS-000480-GPOS-00227

    <GroupDescription></GroupDescription>
    Group
  • AIX nosuid option must be enabled on all NFS client mounts.

    &lt;VulnDiscussion&gt;Enabling the nosuid mount option prevents the system from granting owner or group-owner privileges to programs with the suid ...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules