Detections
Analytics
GEN005190 - The .Xauthority files must not have extended ACLs.
Information
.Xauthority files ensure the user is authorized to access specific X Windows host. Extended ACLs may permit unauthorized modification of these files, which could lead to Denial of Service to authorized access or allow unauthorized access to be obtained.NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Remove the extended ACL from the file.# setfacl --remove-all .Xauthority
See Also
http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip
Item Details
Category: ACCESS CONTROL
References: 800-53|AC-6, CAT|II, CCI|CCI-000225, Group-ID|V-22446, Rule-ID|SV-37682r1_rule, STIG-ID|GEN005190, Vuln-ID|V-22446
Plugin: Unix
Control ID: bd3ce707f5f56c504e9a6a0e95e9d9918810bac73bc5530859f6abb65e244e3f