Detections
Analytics
GEN002230 - All shell files must not have extended ACLs.
Information
Shells with world/group write permissions give the ability to maliciously modify the shell to obtain unauthorized access.Solution
Remove the extended ACL from the shell file(s) and disable extended permissions.#acledit <directory>/<file>
See Also
http://iasecontent.disa.mil/stigs/zip/U_STIG_Library_2015_07.zip
Item Details
Audit Name: DISA AIX 5.3 STIG v1r2
Category: ACCESS CONTROL
References: 800-53|AC-3(4), CAT|II, CCI|CCI-000225, Rule-ID|SV-38744r1_rule, STIG-ID|GEN002230, Vuln-ID|V-22366
Plugin: Unix
Control ID: d0d1bfe9cfddcd9532806a0ed4ad703f66e9a53a489d3814e3139b364eda1bfb