GEN001290 - All manual page files must not have extended ACLs - '/usr/share/man/*'

Information

If manual pages are compromised, misleading information could be inserted, causing actions that may compromise the system.

Solution

Remove the extended ACLs from system manual page file(s) and disable extended permissions.
#acledit < directory >/< file >

See Also

http://iasecontent.disa.mil/stigs/zip/U_STIG_Library_2015_07.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6, CAT|III, CCI|CCI-000225, Rule-ID|SV-38688r1_rule, STIG-ID|GEN001290, Vuln-ID|V-22316

Plugin: Unix

Control ID: edc7ea7a35056ec9e9e247ebc2e8ebecf903c96770baa8385ee2de68238cf8d0