Detections
Analytics
GEN001394 - The /etc/group file must not have an extended ACL.
Information
The /etc/group file is critical to system security and must be protected from unauthorized modification. The group file contains a list of system groups and associated information.Solution
Remove the extended ACL from the /etc/group file and disable extended permissions.#acledit /etc/group
See Also
http://iasecontent.disa.mil/stigs/zip/U_STIG_Library_2015_07.zip
Item Details
Audit Name: DISA AIX 5.3 STIG v1r2
Category: ACCESS CONTROL
References: 800-53|AC-3(4), CAT|II, CCI|CCI-000225, Rule-ID|SV-38726r1_rule, STIG-ID|GEN001394, Vuln-ID|V-22338
Plugin: Unix
Control ID: 87f268eea9013ebffc2e16fe5383692f0c3f109b29d8bc272a07336a945c4be3