Skip to content

The AIX /var/spool/cron/atjobs directory must be owned by root or bin.

An XCCDF Rule

Description

Unauthorized ownership of the /var/spool/cron/atjobs directory could permit unauthorized users the ability to alter atjobs and run automated jobs as privileged users. Failure to set proper permissions of the /var/spool/cron/atjobs directory provides unauthorized users with the potential to access sensitive information or change the system configuration which could weaken the system's security posture.

ID
SV-245566r991589_rule
Version
AIX7-00-002147
Severity
Medium
References
Updated

Remediation Templates

A Manual Procedure

Change the ownership of the "atjobs" directory to bin using command: 
# chown bin /var/spool/cron/atjobs