From HP-UX 11.31 Security Technical Implementation Guide
Part of GEN000000-HPUX0450
Associated with IA controls: ECSC-1
Associated with: CCI-000366
Password aging attributes are stored in /etc/default/security and /etc/shadow. Anytime a password aging policy is changed, policy requirements are updated in /etc/default/security. If the system is allowed to override or ignore updates made to /etc/default/security, deprecated password aging policies will remain intact and never enforce newer requirements.
For Trusted Mode: If the system is operating in Trusted Mode, this check is not applicable. For SMSE: Check the OVERRIDE_SYSDEF_PWAGE attribute setting. # grep OVERRIDE_SYSDEF_PWAGE /etc/default/security If the OVERRIDE_SYSDEF_PWAGE attribute is missing or not set to 0, this is a finding.
If the system is operating in Trusted Mode, no fix is required. For SMSE: Note: There may be additional package/bundle updates that must be installed to support attributes in the /etc/default/security file. Use the SAM/SMH interface (/etc/default/security file) to update the OVERRIDE_SYSDEF_PWAGE attribute. See the below example: OVERRIDE_SYSDEF_PWAGE=0 Note: If manually editing the /etc/default/security file, save any change(s) before exiting the editor.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer