Detections
Analytics
GEN001390 - The /etc/passwd file must not have an extended ACL.
Information
File system ACLs can provide access to files beyond what is allowed by the mode numbers of the files. The /etc/passwd file contains the list of local system accounts. It is vital to system security and must be protected from unauthorized modification.Solution
Remove the extended ACL from the /etc/passwd file and disable extended permissions.#acledit /etc/passwd
See Also
http://iasecontent.disa.mil/stigs/zip/U_STIG_Library_2015_07.zip
Item Details
Audit Name: DISA AIX 5.3 STIG v1r2
Category: ACCESS CONTROL
References: 800-53|AC-3(4), CAT|II, CCI|CCI-000225, Rule-ID|SV-38724r1_rule, STIG-ID|GEN001390, Vuln-ID|V-22334
Plugin: Unix
Control ID: 359347eba37b942973a05549ac3aa31b8ec78d2fe40dbd06b54544596f8234ae