Skip to content

III - Administrative Sensitive

Rules and Groups employed by this XCCDF Profile

  • SRG-OS-000480-GPOS-00227

    <GroupDescription></GroupDescription>
    Group
  • All AIX files and directories must have a valid owner.

    &lt;VulnDiscussion&gt;Unowned files do not directly imply a security problem, but they are generally a sign that something is amiss. They may be ca...
    Rule Medium Severity
  • SRG-OS-000480-GPOS-00227

    <GroupDescription></GroupDescription>
    Group
  • The sticky bit must be set on all public directories on AIX systems.

    &lt;VulnDiscussion&gt;Failing to set the sticky bit on public directories allows unauthorized users to delete files in the directory structure. The...
    Rule Medium Severity
  • SRG-OS-000480-GPOS-00227

    <GroupDescription></GroupDescription>
    Group
  • The AIX global initialization files must contain the mesg -n or mesg n commands.

    &lt;VulnDiscussion&gt;Command "mesg -n" allows only the root user the permission to send messages to your workstation to avoid having others clutte...
    Rule Medium Severity
  • SRG-OS-000480-GPOS-00227

    <GroupDescription></GroupDescription>
    Group
  • The AIX hosts.lpd file must not contain a + character.

    &lt;VulnDiscussion&gt;Having the '+' character in the hosts.lpd (or equivalent) file allows all hosts to use local system print resources.&lt;/Vuln...
    Rule Medium Severity
  • SRG-OS-000480-GPOS-00227

    <GroupDescription></GroupDescription>
    Group
  • AIX sendmail logging must not be set to less than nine in the sendmail.cf file.

    &lt;VulnDiscussion&gt;If Sendmail is not configured to log at level 9, system logs may not contain the information necessary for tracking unauthori...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules