Skip to content

The AIX /var/spool/cron/atjobs directory must be owned by root or bin.

An XCCDF Rule

Description

<VulnDiscussion>Unauthorized ownership of the /var/spool/cron/atjobs directory could permit unauthorized users the ability to alter atjobs and run automated jobs as privileged users. Failure to set proper permissions of the /var/spool/cron/atjobs directory provides unauthorized users with the potential to access sensitive information or change the system configuration which could weaken the system's security posture.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-245566r991589_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Change the ownership of the "atjobs" directory to bin using command: 
# chown bin /var/spool/cron/atjobs