UCF STIG Viewer Logo

The at.allow file must have mode 0600 or less permissive.


Overview

Finding ID Version Rule ID IA Controls Severity
V-227768 GEN003340 SV-227768r854491_rule Medium
Description
Permissions more permissive than 0600 (read and write for the owner) may allow unauthorized or malicious access to the at.allow and/or at.deny files.
STIG Date
Solaris 10 X86 Security Technical Implementation Guide 2022-09-07

Details

Check Text ( C-29930r489658_chk )
Check the mode of the at.allow file.
# ls -lL /etc/cron.d/at.allow
If the at.allow file has a mode more permissive than 0600, this is a finding.
Fix Text (F-29918r489659_fix)
Change the mode of the at.allow file.
# chmod 0600 /etc/cron.d/at.allow