Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The SYSTEM attribute must not be set to NONE for any account.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-12035 | GEN000000-AIX00080 | SV-12536r2_rule | IAIA-1 IAIA-2 | High |
| Description |
|---|
| The SYSTEM attribute in /etc/security/user defines the mechanisms used to authenticate specific user accounts. If the value is set to NONE, other attributes will be used to determine the authentication mechanisms, but if these attributes are not present, no authentication will be performed. To ensure authentication is always used for the system's accounts, the SYSTEM attribute must always be set to a valid setting other than NONE. |
| STIG | Date |
|---|---|
| AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE | 2018-09-18 |
Details
| Check Text ( C-7998r2_chk ) |
|---|
| Examine the /etc/security/user file. # grep SYSTEM /etc/security/user If the line contains SYSTEM=NONE, this is a finding. |
| Fix Text (F-11292r2_fix) |
|---|
| Edit /etc/security/user and change any SYSTEM=NONE settings to a valid authentication setting. |