Check: GEN003240
VMware ESX 3 Server:
GEN003240
(in version v1 r2)
Title
The cron.allow file must be owned by root, bin, or sys. (Cat II impact)
Discussion
If the owner of the cron.allow file is not set to root, bin, or sys, the possibility exists for an unauthorized user to view or to edit sensitive information.
Check Content
Check the owner of the cron.allow file. If the owner is not root, bin, or sys, this is a finding.
Fix Text
Change the owner of the cron.allow file to root, bin, or sys.
Additional Identifiers
Rule ID: SV-4361r2_rule
Vulnerability ID: V-27370
Group Title: GEN003240
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000888 |
The organization employs cryptographic mechanisms to protect the integrity and confidentiality of non-local maintenance and diagnostic communications. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |