STIGQter STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 25 Apr 2019: AIX cron and crontab directories must be owned by root or bin.

DISA Rule

SV-101693r1_rule

Vulnerability Number

V-91595

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

AIX7-00-002078

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Change the owner of the "crontab" directory:
# chown root /var/spool/cron/crontabs

Check Contents

Check the owner of the "crontab" directory using command:

# ls -ld /var/spool/cron/crontabs
drwxrwx--- 2 bin cron 256 Jan 25 12:33 /var/spool/cron/crontabs

If the owner of the "crontab" directory is not "root" or "bin", this is a finding.

Vulnerability Number

V-91595

Documentable

False

Rule Version

AIX7-00-002078

Severity Override Guidance

Check the owner of the "crontab" directory using command:

# ls -ld /var/spool/cron/crontabs
drwxrwx--- 2 bin cron 256 Jan 25 12:33 /var/spool/cron/crontabs

If the owner of the "crontab" directory is not "root" or "bin", this is a finding.

Check Content Reference

M

Target Key

3491

Comments