Detections
Analytics
GEN001190 - All network services daemon files must not have extended ACLs - /usr/sbin/*
Information
Restricting permission on daemons will protect them from unauthorized modification and possible system compromise.Solution
Remove the extended ACL(s) from the network service daemon file(s).#acledit < directory >/< network service daemon >
Disable extended permissions.
See Also
http://iasecontent.disa.mil/stigs/zip/U_STIG_Library_2015_07.zip
Item Details
Audit Name: DISA AIX 5.3 STIG v1r2
Category: ACCESS CONTROL
References: 800-53|AC-3(4), CAT|II, CCI|CCI-000225, Rule-ID|SV-38685r1_rule, STIG-ID|GEN001190, Vuln-ID|V-22313
Plugin: Unix
Control ID: 3623d26749dea5d58c7393f9d9f9f81de82e67b93e6eeda07824595b1266f67b