Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-22316 | GEN001290 | SV-38282r1_rule | ECLP-1 | Low |
Description |
---|
If manual pages are compromised, misleading information could be inserted, causing actions possibly compromising the system. |
STIG | Date |
---|---|
HP-UX 11.23 Security Technical Implementation Guide | 2013-03-28 |
Check Text ( C-36315r3_chk ) |
---|
Verify that all manual page files do not have extended ACLs. # ls -lL `env | grep MANPATH | cut -f 2,2 -d "=" | tr ':' ' ' ` If the permissions include a "+" the file has an extended ACL, this is a finding. |
Fix Text (F-31570r2_fix) |
---|
Remove the optional ACL from the file(s). # chacl -z /usr/share/man/* /usr/share/info/* /usr/share/infopage/* |