UCF STIG Viewer Logo

All files and directories contained in user home directories must not have extended ACLs.


Overview

Finding ID Version Rule ID IA Controls Severity
V-22352 GEN001570 SV-38325r1_rule ECLP-1 Medium
Description
Excessive permissions allow unauthorized access to user files.
STIG Date
HP-UX 11.23 Security Technical Implementation Guide 2015-12-02

Details

Check Text ( C-36361r1_chk )
Check the contents of user home directories for files with extended ACLs.
# cat /etc/passwd | cut -f 6,6 -d ":" | xargs -n1 -IDIR ls -alLR DIR

If the permissions include a '+', the file has an extended ACL, this is a finding.
Fix Text (F-31698r1_fix)
Remove the optional ACL from the file.
# chacl -z [user file with extended ACL]