Configure the "at daemon" setting to organizational standards.

Back

CONTROL ID
08787

CONTROL TYPE
Establish/Maintain Documentation

CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS

This Control directly supports the implied Control(s):

Configure Red Hat Enterprise Linux to Organizational Standards., CC ID: 08713

There are no implementation support Controls.

SELECTED AUTHORITY DOCUMENTS COMPLIED WITH

Title: Restrict at Daemon Description: The at daemon works with the cron daemon to allow non-privileged users to submit one time only jobs at their convenience. There are two files that control at: /etc/at.allow and /etc/at.deny. If /etc/at.allow exists, then users listed in the file are the only… (Rule: xccdf_org.cisecurity.benchmarks_rule_6.1.10_Restrict_at_Daemon Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_6.1.10.1_filesystem.etc.atdeny.nonexistant, The Center for Internet Security CentOS 6 Level 1 Benchmark, 1.0.0)
Title: Restrict at Daemon Description: The at daemon works with the cron daemon to allow non-privileged users to submit one time only jobs at their convenience. There are two files that control at: /etc/at.allow and /etc/at.deny. If /etc/at.allow exists, then users listed in the file are the only… (Rule: xccdf_org.cisecurity.benchmarks_rule_6.1.10_Restrict_at_Daemon Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_6.1.10.2_filesystem.etc.atallow.permisions, The Center for Internet Security CentOS 6 Level 1 Benchmark, 1.0.0)
Title: Restrict at Daemon Description: The at daemon works with the cron daemon to allow non-privileged users to submit one time only jobs at their convenience. There are two files that control at: /etc/at.allow and /etc/at.deny. If /etc/at.allow exists, then users listed in the file are the onl… (Rule:xccdf_org.cisecurity.benchmarks_rule_6.1.10_Restrict_at_Daemon Artifact Expression:xccdf_org.cisecurity.benchmarks_ae_6.1.10.1_filesystem.etc.atdeny.nonexistant, The Center for Internet Security Red Hat Enterprise Linux 6 Level 1 Benchmark, 1.2.0)
Title: Restrict at Daemon Description: The at daemon works with the cron daemon to allow non-privileged users to submit one time only jobs at their convenience. There are two files that control at: /etc/at.allow and /etc/at.deny. If /etc/at.allow exists, then users listed in the file are the onl… (Rule:xccdf_org.cisecurity.benchmarks_rule_6.1.10_Restrict_at_Daemon Artifact Expression:xccdf_org.cisecurity.benchmarks_ae_6.1.10.2_filesystem.etc.atallow.permisions, The Center for Internet Security Red Hat Enterprise Linux 6 Level 1 Benchmark, 1.2.0)
Title: Restrict at Daemon Description: The at daemon works with the cron daemon to allow non-privileged users to submit one time only jobs at their convenience. There are two files that control at: /etc/at.allow and /etc/at.deny. If /etc/at.allow exists, then users listed in the file are the onl… (Rule:xccdf_org.cisecurity.benchmarks_rule_6.1.10_Restrict_at_Daemon Artifact Expression:xccdf_org.cisecurity.benchmarks_ae_6.1.10.1_filesystem.etc.atdeny.nonexistant, The Center for Internet Security Red Hat Enterprise Linux 6 Level 2 Benchmark, 1.2.0)
Title: Restrict at Daemon Description: The at daemon works with the cron daemon to allow non-privileged users to submit one time only jobs at their convenience. There are two files that control at: /etc/at.allow and /etc/at.deny. If /etc/at.allow exists, then users listed in the file are the onl… (Rule:xccdf_org.cisecurity.benchmarks_rule_6.1.10_Restrict_at_Daemon Artifact Expression:xccdf_org.cisecurity.benchmarks_ae_6.1.10.2_filesystem.etc.atallow.permisions, The Center for Internet Security Red Hat Enterprise Linux 6 Level 2 Benchmark, 1.2.0)
The at daemon should be enabled or disabled as appropriate. Technical Mechanisms: via chkconfig Parameters: enabled / disabled References: Section: 3.4.3 - Disable at service if Possible (CCE-14466-7, Common Configuration Enumeration List, Combined XML: Red Hat Enterprise Linux 5, 5.20130214)