User home directories must not have extended ACLs.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-51237 | OSX8-00-00985 | SV-65447r1_rule | Medium |
| Description |
|---|
| User home directories must not have extended ACLs. |
| STIG | Date |
|---|---|
| Apple OS X 10.8 (Mountain Lion) Workstation STIG | 2015-02-10 |
Details
| Check Text ( C-53585r1_chk ) |
|---|
| To check if the Users home directory has any extended ACLs, run the following command: ls -al /Users Any of the folders that contain a "+" character in the permissions is a finding. |
| Fix Text (F-56037r1_fix) |
|---|
| To remove ACLs from a folder, run the following command: sudo chmod -R -N /Users/[username] Where [username] is the folder that contains ACLs. |