Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-12035 | GEN000000-AIX00080 | SV-12536r2_rule | IAIA-1 IAIA-2 | High |
Description |
---|
The SYSTEM attribute in /etc/security/user defines the mechanisms used to authenticate specific user accounts. If the value is set to NONE, other attributes will be used to determine the authentication mechanisms, but if these attributes are not present, no authentication will be performed. To ensure authentication is always used for the system's accounts, the SYSTEM attribute must always be set to a valid setting other than NONE. |
STIG | Date |
---|---|
AIX 5.3 Security Technical Implementation Guide | 2013-03-26 |
Check Text ( C-7998r2_chk ) |
---|
Examine the /etc/security/user file. # grep SYSTEM /etc/security/user If the line contains SYSTEM=NONE, this is a finding. |
Fix Text (F-11292r2_fix) |
---|
Edit /etc/security/user and change any SYSTEM=NONE settings to a valid authentication setting. |