GEN003280 - Access to the at utility must be controlled via the at.allow and/or at.deny file(s).

Information

The at facility selectively allows users to execute jobs at deferred times. It is usually used for one-time jobs. The at.allow file selectively allows access to the at facility. If there is no at.allow file, there is no ready documentation of who is allowed to submit at jobs.

Solution

Create at.allow and/or at.deny files containing appropriate lists of users to be allowed or denied access to the 'at' daemon.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SOL_10_x86_V2R4_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-3(4), CAT|II, CCI|CCI-002165, Rule-ID|SV-227765r854490_rule, STIG-ID|GEN003280, STIG-Legacy|SV-27376, STIG-Legacy|V-984, Vuln-ID|V-227765

Plugin: Unix

Control ID: ad88388cfd37c515f331ef942109d75d72ab5cb92c87ae58b1e430b400132a3f