UCF STIG Viewer Logo

All library files must not have extended ACLs.


Overview

Finding ID Version Rule ID IA Controls Severity
V-22317 GEN001310 SV-64531r2_rule Medium
Description
Unauthorized access could destroy the integrity of the library files.
STIG Date
Oracle Linux 5 Security Technical Implementation Guide 2020-02-25

Details

Check Text ( C-52945r2_chk )
Verify system libraries have no extended ACLs.

# ls -lLR /usr/lib/ /lib/ /usr/lib64 /lib64 | grep "+ "

If the permissions include a '+', the file has an extended ACL. If the file has an extended ACL and has not been approved by the IAO, this is a finding.
Fix Text (F-55127r1_fix)
Remove the extended ACL from the file.
# setfacl --remove-all /usr/lib/* /lib/*