AIX7-00-003010 - All library files must not have extended ACLs - /usr/lib/security

Information

Unauthorized access could destroy the integrity of the library files.

Solution

Remove the extended ACL(s) from the system library file(s) and disable extended permissions using the follow script:

find /usr/lib/security /usr/lib/methods/ -type f | while read file
do
aclget -o /tmp/111.acl $file > /dev/null 2>&1
if [ $? -eq 0 ]; then
grep -e '[[:space:]]enabled$' /tmp/111.acl > /dev/null 2>&1
if [ $? -eq 0 ]; then
echo 'Removing ACL from '$file
cat /tmp/111.acl | head -n9 > /tmp/222.acl
echo ' disabled' >> /tmp/222.acl
aclput -i /tmp/222.acl $file
fi
fi
done

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_IBM_AIX_7-x_V2R5_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-5(6), CAT|II, CCI|CCI-001499, Rule-ID|SV-215326r508663_rule, STIG-ID|AIX7-00-003010, STIG-Legacy|SV-101579, STIG-Legacy|V-91481, Vuln-ID|V-215326

Plugin: Unix

Control ID: fb708ffb45781190005167dab08e59b62840bc9cea2f546cd32ad8245c963ae9