UCF STIG Viewer Logo

Audio devices must not have extended ACLs.


Overview

Finding ID Version Rule ID IA Controls Severity
V-22367 GEN002330 SV-38743r1_rule ECLP-1 Medium
Description
File system ACLs can provide access to files beyond what is allowed by the mode numbers of the files.
STIG Date
Draft AIX Security Technical Implementation Guide 2011-08-17

Details

Check Text ( C-37184r1_chk )
Determine the audio device files for the system.
Procedure:
# /usr/sbin/lsdev -C | grep -i audio

#aclget /dev/*aud0
Check if extended permissions are disabled. If extended permissions are not disabled, this is a finding.
Fix Text (F-32460r1_fix)
Remove the extended ACL from the audio device file(s) and disable extended permissions.

#acledit /