UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The atjobs directory must be owned by root, bin, daemon or at.


Overview

Finding ID Version Rule ID IA Controls Severity
V-4365 GEN003420 SV-45672r2_rule Medium
Description
If the owner of the "atjobs" directory is not root, bin, daemon or at, unauthorized users could be allowed to view or edit files containing sensitive information within the directory.
STIG Date
SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide 2018-09-19

Details

Check Text ( C-43038r2_chk )
Check the ownership of the "at" directory:

Procedure:
# ls -ld /var/spool/atjobs

If the directory is not owned by root, bin, daemon, or at, this is a finding.
Fix Text (F-39070r2_fix)
Change the owner of the "atjobs" directory to root, bin, daemon or at.

Procedure:
# chown <"atjobs" directory>