| GEN000250 - The time synchronization configuration file (such as /etc/ntp.conf) must be owned by root. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000253 - The time synchronization configuration file (such as /etc/ntp.conf) must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000920 - The root account's home directory (other than /) must have mode 0700. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001140 - System files and directories must not have uneven access permissions - '/etc' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001140 - System files and directories must not have uneven access permissions - '/usr/ucb' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001180 - All network services daemon files must have mode 0755 or less permissive - '/usr/bin/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001180 - All network services daemon files must have mode 0755 or less permissive - '/usr/sbin/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001320 - NIS/NIS+/yp files must be owned by root, sys, or bin - '/usr/lib/netsvc/yp/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001379 - The /etc/passwd file must be group-owned by bin, security, sys, or system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001390 - The /etc/passwd file must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001393 - The /etc/group file must have mode 0644 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001394 - The /etc/group file must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001430 - The /etc/security/passwd file must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001475 - The /etc/group file must not contain any group password hashes. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001540 - All files and directories contained in interactive user's home directories must be owned by the home directory's owner. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001720 - All global initialization files must have mode 0644 or less permissive - '/etc/.login' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001720 - All global initialization files must have mode 0644 or less permissive - '/etc/csh.cshrc' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001720 - All global initialization files must have mode 0644 or less permissive - '/etc/security/.profile' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001720 - All global initialization files must have mode 0644 or less permissive - '/etc/security/environ' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001740 - All global initialization files must be owned by root - '/etc/csh.cshrc' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001740 - All global initialization files must be owned by root - '/etc/security/environ' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001800 - All skeleton files (typically those in /etc/skel) must have mode 0644 or less permissive - '/etc/security/mkuser.sys' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001830 - All skeleton files (typically in /etc/skel) must be group-owned by security - '/etc/security/.profile' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001870 - Local initialization files must be group-owned by the user's primary group or root - '~/.dispatch' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001870 - Local initialization files must be group-owned by the user's primary group or root - '~/.env' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001870 - Local initialization files must be group-owned by the user's primary group or root - '~/.login' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001880 - All local initialization files must have mode 0740 or less permissive - '~/.env' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001890 - Local initialization files must not have extended ACLs - '.bash_logout' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001890 - Local initialization files must not have extended ACLs - '.emacs' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001890 - Local initialization files must not have extended ACLs - '.env' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001890 - Local initialization files must not have extended ACLs - '.login' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002060 - All .rhosts, .shosts, .netrc, or hosts.equiv files must be accessible by only root or the owner - '~/shosts.equiv' - user | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002210 - All shell files must be group-owned by root, bin, sys, or system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002280 - Device files and directories must only be writable by users with a system account or as configured by the vendor. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002330 - Audio devices must not have extended ACLs. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002420 - Removable media, remote file systems and any file system not containing approved setuid files must be mounted with nosuid. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002520 - All public directories must be owned by root or an application account. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003020 - Cron must not execute programs in, or subordinate to, world-writable directories. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003050 - Crontab files must be group-owned by system, cron, or the crontab creator's primary group. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must be included in the cron.deny file - 'bin' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must be included in the cron.deny file - 'guest' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003060 - Default system accounts must be included in the cron.deny file - 'lpd' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003100 - Cron and crontab directories must have mode 0755 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003110 - Cron and crontab directories must not have extended ACLs - '/var/spool/cron' - acls disabled | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003110 - Cron and crontab directories must not have extended ACLs - '/var/spool/cron/crontabs/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003120 - Cron and crontab directories must be owned by root or bin. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003210 - The cron.deny file must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003280 - Access to the at utility must be controlled via the at.allow and/or at.deny file(s) - '/var/adm/cron/at.deny exists' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN008060 - If the system is using LDAP the /etc/ldap.conf file must have mode 0644 or less permissive | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN008140 - The TLS certificate authority file and/or directory (as appropriate) must be owned by root | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
