[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 961 Download | Alert*

The permissions of bash 'init' files must be 444 or as appropriate. /etc/profile it is used to set system wide environmental variables on users shells. /etc/bashrc file is meant for setting command aliases and functions used by bash shell users.

The owner of 'csh init' files must be root or as appropriate. Use the command chown root /etc/csh.cshrc /etc/csh.login /etc/csh.logout to change the owner as appropriate.

Configuration settings must be verified by a centrally managed system such as an MDM to ensure that they have not been changed. Configuration settings are the configurable security-related parameters of information technology products that are part of the information system. Security-related parameters are those parameters impacting the security state of the system including parameters related to ...

Specifies the maximum time the login window can be inactive before the screen saver starts. This is distinct from a user session's idle time. Setting to 900 seconds (15 minutes) instead of the OEM value of unlimited. In loginwindow.plist, set the loginWindowIdleTime key = 900. If the key does not exist, idle time is unlimited.

The owner of the audit logs must be root or as appropriate.

The group of the audit logs must be wheel. The audit files are under /var/audit; set the group for each via chgrp.

The permissions of the audit logs must be 0640 or as appropriate. The audit files are under /var/audit; set the permission for each via chmod.

The login window must be configured to prompt all users for both a username and a password. By default, the system displays a list of known users at the login screen. This gives an advantage to an attacker with physical access to the system, as the attacker would only have to guess the password for one of the listed accounts.

Controls whether the login window shows a list of non-local (other) users from which to choose when logging in, or shows fields in which a user and a password can be entered. In loginwindow.plist, set the SHOWOTHERUSERS_MANAGED key = false. If the key does not exist, a list of users is displayed.

The audit logs must not have extended ACLs. Use the chmod command to apply or remove the extended ACL permissions as appropriate.

Pages:      Start    12    13    14    15    16    17    18    19    20    21    22    23    24    25    ..   96

© 2013 SecPod Technologies