GEN003420 - The at directory must be owned by root, bin, sys, daemon, or cron.

Information

If the owner of the at directory is not root, bin, sys, daemon, or cron unauthorized users could be allowed to view or edit files containing sensitive information within the directory.

Solution

Change the owner of the at directory to root, bin, sys, daemon, or cron.

Procedure:
# chown bin /var/spool/cron/atjobs

See Also

https://iasecontent.disa.mil/stigs/zip/U_AIX_6-1_V1R14_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6, CAT|II, CCI|CCI-000225, Group-ID|V-4365, Rule-ID|SV-39350r1_rule, STIG-ID|GEN003420, Vuln-ID|V-4365

Plugin: Unix

Control ID: 7eeb9c7d9f5879918475e2d468ab736e67b312744c3c56d9a0867dfa2479c416