The AIX hosts.lpd file must not contain a + character.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-91633	AIX7-00-003037	SV-101731r1_rule		Medium

Description
Having the '+' character in the hosts.lpd (or equivalent) file allows all hosts to use local system print resources.

STIG	Date
IBM AIX 7.x Security Technical Implementation Guide	2020-02-24

Details

Check Text ( C-90787r3_chk )
Look for the presence of a print service configuration file by running the following commands: # find /etc -name hosts.lpd -print # find /etc -name Systems -print # find /etc -name printers.conf If none of the files are found, this is not applicable. Otherwise, examine the configuration file by running: # more \| grep "+" @+hamlet +lear @+prospero If any lines are found that contain only a "+" character, this is a finding.

Check Text ( C-90787r3_chk )

Look for the presence of a print service configuration file by running the following commands:

# find /etc -name hosts.lpd -print
# find /etc -name Systems -print
# find /etc -name printers.conf

If none of the files are found, this is not applicable.

Otherwise, examine the configuration file by running:

# more | grep "+"
@+hamlet
+lear
@+prospero

If any lines are found that contain only a "+" character, this is a finding.

Fix Text (F-97831r1_fix)
Remove the "+" entries from the "hosts.lpd" (or equivalent) file.