UCF STIG Viewer Logo

The cron log files must not have extended ACLs.


Overview

Finding ID Version Rule ID IA Controls Severity
V-22388 GEN003190 SV-38783r1_rule ECLP-1 ECTP-1 Medium
Description
Cron logs contain reports of scheduled system activities and must be protected from unauthorized access or manipulation.
STIG Date
Draft AIX Security Technical Implementation Guide 2011-08-17

Details

Check Text ( C-37250r1_chk )
#aclget /var/adm/cron/log
Verify if extended permissions are disabled. If extended permissions are not disabled, this is a finding.
Fix Text (F-32475r1_fix)
Remove the extended ACL from the cronlog file and disable extended permissions.

#acledit /var/adm/cron/log