Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-215199 | AIX7-00-001040 | SV-215199r508663_rule | Medium |
Description |
---|
Excessive permissions on root home directories allow unauthorized access to root user files. |
STIG | Date |
---|---|
IBM AIX 7.x Security Technical Implementation Guide | 2021-03-10 |
Check Text ( C-16397r294048_chk ) |
---|
Verify the "root" account's home directory has no extended ACL using command: # aclget ~root * * ACL_type AIXC * attributes: base permissions owner(root): rwx group(system): --- others: --- extended permissions disabled If extended permissions are enabled, the directory has an extended ACL, and this is a finding. |
Fix Text (F-16395r294049_fix) |
---|
Remove the extended ACL from the "root" account's home directory using command: # acledit ~root Change extended attributes to disabled. |