1.3.3 Ensure AIDE is configured to verify ACLs - installed
The operating system must be configured so that the file integrity tool is configured to verify Access Control Lists (ACLs). Rationale: ACLs can provide permissions beyond those permitted through the file mode and must be verified by file integrity tools.
Configure the file integrity tool to check file and directory ACLs. If AIDE is installed, ensure the acl rule is present on all uncommented file and directory selection lists. Example: vim /etc/aide.conf add a rule that includes the acl example: All= p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux /bin All # apply the custom rule to the files in bin /sbin All # apply the same custom rule to the files in sbin