Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-226619 | GEN003060 | SV-226619r603265_rule | Medium |
Description |
---|
To centralize the management of privileged account crontabs, of the default system accounts, only root may have a crontab. |
STIG | Date |
---|---|
Solaris 10 SPARC Security Technical Implementation Guide | 2020-12-04 |
Check Text ( C-28780r483269_chk ) |
---|
Check the cron.allow and cron.deny files for the system. # more /etc/cron.d/cron.allow # more /etc/cron.d/cron.deny If a default system account (such as bin, sys, adm, or others) is listed in the cron.allow file, or not listed in the cron.deny file if no cron.allow file exists, this is a finding. |
Fix Text (F-28768r483270_fix) |
---|
Remove default system accounts (such as bin, sys, adm, or others) from the cron.allow file if it exists, or add those accounts to the cron.deny file. |