1.1.1.2.1.6 Set 'System objects: Default owner for objects created by members of the Administrators group' to 'Object creator' | CIS Windows 2003 MS v3.1.0 | Windows | ACCESS CONTROL |
1.1.1.2.1.28 Configure 'DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax' | CIS Windows 2003 MS v3.1.0 | Windows | ACCESS CONTROL |
2.020 - The system must prevent non-privileged users from executing privileged functions. | Tenable Fedora Linux Best Practices v2.0.0 | Unix | ACCESS CONTROL |
5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profile | CIS Debian 8 Workstation L1 v2.0.1 | Unix | ACCESS CONTROL |
5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profile | CIS Debian 8 Server L1 v2.0.1 | Unix | ACCESS CONTROL |
5.4.4 Ensure default user umask is 027 or more restrictive - override | CIS Ubuntu Linux 20.04 LTS Workstation L1 v1.0.0 | Unix | ACCESS CONTROL |
5.4.5 Ensure default user umask is configured - profiles | CIS Oracle Linux 7 Workstation L1 v3.0.0 | Unix | ACCESS CONTROL |
5.4.5 Ensure default user umask is configured - system wide | CIS Oracle Linux 7 Server L1 v3.0.0 | Unix | ACCESS CONTROL |
5.4.5 Ensure default user umask is configured - system wide default | CIS Red Hat EL7 Server L1 v3.0.1 | Unix | ACCESS CONTROL |
5.4.5 Ensure default user umask is configured - system wide umask | CIS Red Hat EL7 Server L1 v3.0.1 | Unix | ACCESS CONTROL |
5.5.5 Ensure default user umask is 027 or more restrictive - /etc/bashrc | CIS Oracle Linux 8 Workstation L1 v1.0.0 | Unix | ACCESS CONTROL |
5.8 Ensure non-privileged users are prevented from executing privileged functions | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
6.1.11 Ensure no unowned files or directories exist | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
6.1.12 Ensure no ungrouped files or directories exist | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
7.4 Set Default umask for Users '/etc/profile.d/* - umask 077' | CIS Red Hat Enterprise Linux 5 L1 v2.2 | Unix | ACCESS CONTROL |
Big Sur - Allow Administrators to Modify Security Settings and System Attributes | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL |
Big Sur - Allow Administrators to Promote Other Users to Administrator Status | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL |
Big Sur - Allow Information Transfer with Other Operating Systems | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL |
Catalina - Allow Administrators to Modify Security Settings and System Attributes | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL |
Catalina - Allow Administrators to Promote Other Users to Administrator Status | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL |
Catalina - Allow Information Transfer with Other Operating Systems | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL |
DG0009-ORACLE11 - Access to DBMS software files and directories should not be granted to unauthorized users - '/etc/profile umask < 022' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
DG0009-ORACLE11 - Access to DBMS software files and directories should not be granted to unauthorized users - 'umask < 0022' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
DG0009: DBMS software library permissions - '/etc/profile umask < 022' | DISA STIG Oracle 11 Installation v8r20 Linux | Unix | ACCESS CONTROL |
DG0009: DBMS software library permissions - 'umask < 0022' | DISA STIG Oracle 11 Installation v8r20 Linux | Unix | ACCESS CONTROL |
GEN000930 - The root accounts home directory must not have an extended ACL. | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
GEN001210 - All system command files must not have extended ACLs - '/etc' | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
GEN001290 - All manual page files must not have extended ACLs - '/usr/share/man' | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
GEN001310 - All library files must not have extended ACLs - '/lib/*' | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
GEN001310 - All library files must not have extended ACLs - '/usr/lib64/*' | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
GEN001374 - The /etc/nsswitch.conf file must not have an extended ACL. | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
GEN001390 - The /etc/passwd file must not have an extended ACL. | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
GEN002560 - The system and user default umask must be 077 - '/etc/*' | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
GEN003090 - Crontab files must not have extended ACLs - '/etc/cron.monthly' | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
GEN003090 - Crontab files must not have extended ACLs - '/etc/crontab' | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
GEN003110 - Cron and crontab directories must not have extended ACLs - '/etc/cron.monthly' | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
GEN003110 - Cron and crontab directories must not have extended ACLs - '/etc/crontab' | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
GEN003190 - The cron log files must not have extended ACLs. | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
GEN003220 - Cron programs must not set the umask to a value less restrictive than 077 - '/etc/cron.hourly/*' | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
GEN003255 - The at.deny file must not have an extended ACL. | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
GEN003790 - The services file must not have an extended ACL. | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
GEN003950 - The hosts.lpd (or equivalent) file must not have an extended ACL. | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
GEN004510 - The SMTP service log file must not have an extended ACL. | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
GEN004950 - The ftpusers file must not have an extended ACL - '/etc/vsftpd/ftpusers' | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
GEN005040 - All FTP users must have a default umask of 077 - '/etc/xinetd.d/gssftp' | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
GEN005395 - The /etc/syslog.conf file must not have an extended ACL. - /etc/syslog.conf | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
Monterey - Allow Administrators to Modify Security Settings and System Attributes | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL |
Monterey - Allow Administrators to Promote Other Users to Administrator Status | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL |
Monterey - Allow Information Transfer with Other Operating Systems | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL |
OSX00185 - Change Global umask | DISA STIG Apple Mac OSX 10.5 v1r2 | Unix | ACCESS CONTROL |