Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-22366 | GEN002230 | SV-38744r1_rule | ECLP-1 | Medium |
Description |
---|
Shells with world/group write permissions give the ability to maliciously modify the shell to obtain unauthorized access. |
STIG | Date |
---|---|
AIX 5.3 SECURITY TECHNICAL IMPLEMENTATION GUIDE | 2014-10-03 |
Check Text ( C-37243r1_chk ) |
---|
Check the permissions of each shell referenced in /etc/shells. Procedure: # cat /etc/shells For each shell listed, run aclget #aclget Check the permissions of each shell referenced in /etc/security/login.cfg. Procedure: #grep shells /etc/security/login.cfg For each shell listed, run aclget # aclget Otherwise, check any shells found on the system. # find / -name "*sh #aclget If extended permissions are enabled on any shell, this is a finding. |
Fix Text (F-32458r1_fix) |
---|
Remove the extended ACL from the shell file(s) and disable extended permissions. #acledit |