GEN001490 - User home directories must not have extended ACLs.

Information

Excessive permissions on home directories allow unauthorized access to user files.

Solution

Remove the extended ACL from the file.
# setfacl --remove-all [user home directory with extended ACL]

See Also

http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip

Item Details

Audit Name: DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit

Category: ACCESS CONTROL

References: 800-53|AC-6, CAT|III, CCI|CCI-000225, Group-ID|V-22350, Rule-ID|SV-37162r1_rule, STIG-ID|GEN001490, Vuln-ID|V-22350

Plugin: Unix

Control ID: 09728aafec9f119154ab1cfb5e6564a2fcf12795e615cf0ac20ca1f37dccf330