800-53|AC-3(4)(d)

Title

DISCRETIONARY ACCESS CONTROL

Description

Choose the security attributes to be associated with newly created or revised objects; or

Reference Item Details

Category: ACCESS CONTROL

Family: ACCESS CONTROL

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.7.7 - Miscellaneous Enhancements - 'default umask = 27'UnixCIS AIX 5.3/6.1 L2 v1.1.0
2.0.3 Set umask value for DB2 admin user .profile fileUnixCIS IBM DB2 OS L1 v1.2.0
2.3 Set umask value for DB2 admin user .profile fileUnixCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Linux
2.3 Set umask value for DB2 admin user .profile fileUnixCIS IBM DB2 v10 v1.1.0 Linux OS Level 2
2.3 Set umask value for DB2 admin user .profile fileUnixCIS IBM DB2 v10 v1.1.0 Linux OS Level 1
3.2 Set daemon umask - Check if CMASK is set to 022 in /etc/default/init (Solaris 8 or later)UnixCIS Solaris 9 v1.3
3.3 Set daemon umask (/etc/* umask)UnixCIS FreeBSD v1.0.5
3.3 Set daemon umask (/etc/periodic/* umask)UnixCIS FreeBSD v1.0.5
3.3 Set daemon umask (/usr/local/etc/rc.d umask)UnixCIS FreeBSD v1.0.5
3.3 Set daemon umask (/usr/local/etc/rc.d/* umask)UnixCIS FreeBSD v1.0.5
3.04 Oracle account .profile file - 'Unix systems umask 022'UnixCIS v1.1.0 Oracle 11g OS L1
5.1 Set daemon umask - Check if CMASK is set to 022 in /etc/default/init.UnixCIS Solaris 10 L1 v5.2
5.4.4 Ensure default user umask is 027 or more restrictive - '/etc/bash.bashrc'UnixCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
5.4.4 Ensure default user umask is 027 or more restrictive - '/etc/bash.bashrc'UnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
5.4.4 Ensure default user umask is 027 or more restrictive - '/etc/profile'UnixCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
5.4.4 Ensure default user umask is 027 or more restrictive - '/etc/profile'UnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
5.4.4 Ensure default user umask is 027 or more restrictive - /etc/bashrcUnixCIS Amazon Linux v2.1.0 L1
5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profileUnixCIS Amazon Linux v2.1.0 L1
5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profile.d/*.shUnixCIS Amazon Linux v2.1.0 L1
5.4.8 Ensure Default user umask is 077UnixCIS Amazon Linux 2 STIG v1.0.0 L3
5.4.10 Ensure default user umask is 077UnixCIS Amazon Linux 2 STIG v1.0.0 L3
7.3 Set Default umask for usersUnixCIS Solaris 11.2 L1 v1.1.0
7.3 Set Default umask for users - UMASK = 027UnixCIS Solaris 11.1 L1 v1.0.0
7.3 Set Default umask for users - UMASK = 027UnixCIS Solaris 11 L1 v1.1.0
7.4 Set Default File Creation Mask for FTP UsersUnixCIS Solaris 11 L1 v1.1.0
7.4 Set Default File Creation Mask for FTP UsersUnixCIS Solaris 11.2 L1 v1.1.0
7.4 Set Default File Creation Mask for FTP UsersUnixCIS Solaris 11.1 L1 v1.0.0
7.6 Set Default umask for Users - Check if 'umask' is set to 077 - Check /etc/.login.UnixCIS Solaris 10 L1 v5.2
7.6 Set Default umask for Users - Check if 'umask' is set to 077 - Check /etc/profile.UnixCIS Solaris 10 L1 v5.2
7.6 Set Default umask for Users, Check if 'UMASK' is set to 077.UnixCIS Solaris 10 L1 v5.2
7.7 Set Default umask for FTP Users - Check if 'defumask' is set to 077.UnixCIS Solaris 10 L1 v5.2
8.8 Set default umask for users (/etc/csh.cshrc)UnixCIS FreeBSD v1.0.5
8.8 Set default umask for users (/etc/csh.login)UnixCIS FreeBSD v1.0.5
8.8 Set default umask for users (/etc/login.conf)UnixCIS FreeBSD v1.0.5
8.8 Set default umask for users (/etc/profile)UnixCIS FreeBSD v1.0.5
8.8 Set default umask for users (/usr/share/skel/dot.cshrc)UnixCIS FreeBSD v1.0.5
8.8 Set default umask for users (/usr/share/skel/dot.shrc)UnixCIS FreeBSD v1.0.5
8.11 Set default umask for users, Check if 'umask' is set to 077 - Check /etc/.login.UnixCIS Solaris 9 v1.3
8.11 Set default umask for users, Check if 'umask' is set to 077 - Check /etc/profile.UnixCIS Solaris 9 v1.3
8.11 Set default umask for users, Check if 'UMASK' is set to 077.UnixCIS Solaris 9 v1.3
8.12 Set default umask for FTP users (Solaris 9)UnixCIS Solaris 9 v1.3
10.4 Set Default umask for Users - /etc/bash.bashrcUnixCIS Debian Linux 7 L1 v1.0.0
10.4 Set Default umask for Users - /etc/profile.d/*UnixCIS Debian Linux 7 L1 v1.0.0
10.4 Set Default umask for Users- '/etc/login.defs'UnixCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0
10.19 Setting Security Lifecycle Listener (check for umask present in startup)UnixCIS Apache Tomcat 7 L1 v1.1.0 Middleware
10.19 Setting Security Lifecycle Listener (check for umask present in startup)UnixCIS Apache Tomcat 7 L1 v1.1.0
10.19 Setting Security Lifecycle Listener (check for umask uncommented in startup)UnixCIS Apache Tomcat 7 L1 v1.1.0
10.19 Setting Security Lifecycle Listener (check for umask uncommented in startup)UnixCIS Apache Tomcat 7 L1 v1.1.0 Middleware
DG0009-ORACLE11 - Access to DBMS software files and directories should not be granted to unauthorized users - '/etc/profile umask < 022'UnixDISA STIG Oracle 11 Installation v9r1 Linux
DG0009-ORACLE11 - Access to DBMS software files and directories should not be granted to unauthorized users - 'umask < 0022'UnixDISA STIG Oracle 11 Installation v9r1 Linux