[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 81276 Download | Alert*

The audit logs must not have extended ACLs. Use the chmod command to apply or remove the extended ACL permissions as appropriate.

Controls whether the login window shows a list of non-local (other) users from which to choose when logging in, or shows fields in which a user and a password can be entered. In loginwindow.plist, set the SHOWOTHERUSERS_MANAGED key = false. If the key does not exist, a list of users is displayed.

The login window must be configured to prompt all users for both a username and a password. By default, the system displays a list of known users at the login screen. This gives an advantage to an attacker with physical access to the system, as the attacker would only have to guess the password for one of the listed accounts.

The permissions of the audit logs must be 0640 or as appropriate. The audit files are under /var/audit; set the permission for each via chmod.

The group of the audit logs must be wheel. The audit files are under /var/audit; set the group for each via chgrp.

The owner of the audit logs must be root or as appropriate.

Specifies the maximum time the login window can be inactive before the screen saver starts. This is distinct from a user session's idle time. Setting to 900 seconds (15 minutes) instead of the OEM value of unlimited. In loginwindow.plist, set the loginWindowIdleTime key = 900. If the key does not exist, idle time is unlimited.

Configuration settings must be verified by a centrally managed system such as an MDM to ensure that they have not been changed. Configuration settings are the configurable security-related parameters of information technology products that are part of the information system. Security-related parameters are those parameters impacting the security state of the system including parameters related to ...

The owner of 'csh init' files must be root or as appropriate. Use the command chown root /etc/csh.cshrc /etc/csh.login /etc/csh.logout to change the owner as appropriate.

The permissions of bash 'init' files must be 444 or as appropriate. /etc/profile it is used to set system wide environmental variables on users shells. /etc/bashrc file is meant for setting command aliases and functions used by bash shell users.

Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   8127

© 2013 SecPod Technologies