STIGQter: STIG Summary: Oracle Linux 5 Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 26 Oct 2018: The at.allow file must be group-owned by root, bin, sys, or cron.DISA Rule
SV-64413r1_rule
Vulnerability Number
V-22397
Group Title
GEN003470
Rule Version
GEN003470
Severity
CAT II
CCI(s)
- CCI-000225 - The organization employs the concept of least privilege, allowing only authorized accesses for users (and processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions.
Weight
10
Fix Recommendation
Change the group ownership of the file.
Procedure:
# chgrp root /etc/at.allow
Check Contents
Check the group ownership of the file.
Procedure:
# ls -lL /etc/at.allow
If the file is not group-owned by root, bin, sys, or cron, this is a finding.
Vulnerability Number
V-22397
Documentable
False
Rule Version
GEN003470
Severity Override Guidance
Check the group ownership of the file.
Procedure:
# ls -lL /etc/at.allow
If the file is not group-owned by root, bin, sys, or cron, this is a finding.
Check Content Reference
M
Responsibility
System Administrator
Target Key
2207
Comments