GEN006570 - The file integrity tool must be configured to verify ACLs.

Information

ACLs can provide permissions beyond those permitted through the file mode and must be verified by file integrity tools.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

If using AIDE, edit the configuration and add the acl option for all monitored files and directories.

If using a different file integrity tool, configure ACL checking per the tool's documentation.

See Also

https://iasecontent.disa.mil/stigs/zip/U_AIX_6-1_V1R14_STIG.zip

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-7, CAT|III, CCI|CCI-001297, Group-ID|V-22507, Rule-ID|SV-26858r1_rule, STIG-ID|GEN006570, Vuln-ID|V-22507

Plugin: Unix

Control ID: 649df29f286aaf2b3b72d7c4359cfd85e0b44e40d04633a3d8c866a8390fa755