UCF STIG Viewer Logo

The SYSTEM attribute must not be set to NONE for any account.


Overview

Finding ID Version Rule ID IA Controls Severity
V-12035 GEN000000-AIX00080 SV-12536r3_rule IAIA-1 IAIA-2 High
Description
The SYSTEM attribute in /etc/security/user defines the mechanisms used to authenticate specific user accounts. If the value is set to NONE, other attributes will be used to determine the authentication mechanisms, but if these attributes are not present, no authentication will be performed. To ensure authentication is always used for the system's accounts, the SYSTEM attribute must always be set to a valid setting other than NONE.
STIG Date
Draft AIX Security Technical Implementation Guide 2011-08-17

Details

Check Text ( C-7998r2_chk )
Examine the /etc/security/user file:

# grep SYSTEM /etc/security/user

If the line contains SYSTEM=NONE then this is a finding.
Fix Text (F-11292r2_fix)
Edit /etc/security/user and change any SYSTEM=NONE settings to a valid authentication setting.