Access to the "at" utility must be controlled via the at.allow and/or at.deny file(s).
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| GEN003280-ESXI5-PNF | GEN003280-ESXI5-PNF | GEN003280-ESXI5-PNF_rule | Medium |
| Description |
|---|
| The "at" facility selectively allows users to execute jobs at deferred times. It is usually used for one-time jobs. The at.allow file selectively allows access to the "at" facility. If there is no at.allow file, there is no ready documentation of who is allowed to submit "at" jobs. Applicable, but permanent not-a-finding - No "at" command. |
| STIG | Date |
|---|---|
| VMware ESXi v5 Security Technical Implementation Guide | 2013-01-15 |
Details
| Check Text ( C-GEN003280-ESXI5-PNF_chk ) |
|---|
| ESXi supports this requirement and cannot be configured to be out of compliance. This is a permanent not a finding. |
| Fix Text (F-GEN003280-ESXI5-PNF_fix) |
|---|
| This requirement is permanent not a finding. No fix is required. |