GEN001475 - The /etc/group file must not contain any group password hashes. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN001500 - All interactive user home directories must be owned by their respective users. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN001540 - All files and directories contained in interactive user home directories must be owned by the home directorys owner. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN001550 - All files and directories contained in user home directories must be group-owned by a group of which the home directorys owner is a member. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN001560 - All files and directories contained in user home directories must have mode 0750 or less permissive. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN002280 - Device files and directories must only be writable by users with a system account or as configured by the vendor. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
GEN002320 - Audio devices must have mode 0660 or less permissive - '/dev/snd/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
GEN002330 - Audio devices must not have extended ACLs - '/dev/audio*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
GEN002340 - Audio devices must be owned by root - '/dev/audio*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
GEN002420 - Removable media, remote file systems, and any file system not containing approved setuid files must be mounted with the nosuid option - nosuid option. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
GEN004430 - Files executed through a mail aliases file must not have extended ACLs. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
GEN004510 - The SMTP service log file must not have an extended ACL. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
GEN004920 - The ftpusers file must be owned by root - '/etc/vsftpd.ftpusers' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
GEN004920 - The ftpusers file must be owned by root - '/etc/vsftpd/ftpusers' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
GEN004930 - The ftpusers file must be group-owned by root, bin, sys, or system - '/etc/vsftpd.ftpusers' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
GEN004950 - The ftpusers file must not have an extended ACL - '/etc/ftpusers' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
GEN005040 - All FTP users must have a default umask of 077 - '/etc/xinetd.d/gssftp' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
GEN005120 - The TFTP daemon must be configured to vendor specifications, including a dedicated TFTP user account, a non-login shell such as /bin/false, and a home directory owned by the TFTP user. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
GEN005140 - Any active TFTP daemon must be authorized and approved in the system accreditation package. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
GEN005180 - All .Xauthority files must have mode 0600 or less permissive. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN005340 - Management Information Base (MIB) files must have mode 0640 or less permissive. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN005350 - Management Information Base (MIB) files must not have extended ACLs. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN005360 - The snmpd.conf file must be owned by root. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN005375 - The snmpd.conf file must not have an extended ACL. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN005390 - The /etc/syslog.conf file must have mode 0640 or less permissive - /etc/syslog.conf | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN005420 - The /etc/syslog.conf file must be group-owned by root, bin, sys, or system. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN005537 - The SSH daemon must use privilege separation. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN005740 - The Network File System (NFS) export configuration file must be owned by root. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
GEN005800 - All Network File System (NFS) exported system files and system directories must be owned by root. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
GEN006100 - The /etc/smb.conf file must be owned by root. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN006120 - The /etc/smb.conf file must be group-owned by root, bin, sys, or system. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN006160 - The /etc/smbpasswd file must be owned by root - '/etc/samba.secrets.tdb' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN006160 - The /etc/smbpasswd file must be owned by root - '/etc/samba/passdb.tdb' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN006210 - The /etc/smbpasswd file must not have an extended ACL - '/etc/samba/passdb.tdb' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN006220 - The smb.conf file must use the hosts option to restrict access to Samba - hosts option to restrict access to Samba. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN006330 - The /etc/news/passwd.nntp file must not have an extended ACL. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN008080 - If the system is using LDAP for authentication or account information, the /etc/ldap.conf (or equivalent) file must be owned by root - or equivalent file must be owned by root. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN008100 - If the system is using LDAP for authentication or account information, the /etc/ldap.conf (or equivalent) file must be group-owned by root, bin, sys, or system. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN008120 - If the system is using LDAP for authentication or account information, the /etc/ldap.conf (or equivalent) file must not have an extended ACL - or equivalent file must not have an extended ACL. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN008140 - If the system is using LDAP for authentication or account information, the TLS certificate authority file and/or directory (as appropriate) must be owned by root - '/etc/ssl/' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN008160 - If the system is using LDAP for authentication or account information, the TLS certificate authority file and/or directory (as appropriate) must be group-owned by root, bin, sys, or system - '/etc/ssl/' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN008180 - If the system is using LDAP for authentication or account information, the TLS certificate authority file and/or directory (as appropriate) must have mode 0644 (0755 for directories) or less permissive - '/etc/ssl/ca.cert' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN008200 - If the system is using LDAP for authentication or account information, the LDAP TLS certificate authority file and/or directory (as appropriate) must not have an extended ACL - as appropriate must not have an extended ACL. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN008220 - For systems using NSS LDAP, the TLS certificate file must be owned by root - ''/etc/openldap/cacerts/cert.pem | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN008260 - If the system is using LDAP for authentication or account information, the LDAP TLS certificate file must have mode 0644 or less permissive - '/etc/openldap/cacerts/cert.pem' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN008280 - If the system is using LDAP for authentication or account information, the LDAP TLS certificate file must not have an extended ACL - '/etc/openldap/cacerts/cert.pem' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN008300 - If the system is using LDAP for authentication or account information, the LDAP TLS key file must be owned by root - '/etc/openldap/cacerts/key.pem' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN008320 - If the system is using LDAP for authentication or account information, the LDAP TLS key file must be group-owned by root, bin, or sys - '/etc/openldap/cacerts/key.pem' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN008340 - If the system is using LDAP for authentication or account information, the LDAP TLS key file must have mode 0600 or less permissive - '/etc/openldap/cacerts/key.pem' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
GEN008360 - If the system is using LDAP for authentication or account information, the LDAP TLS key file must not have an extended ACL - '/etc/openldap/cacerts/key.pem' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |