UCF STIG Viewer Logo

Skeleton files must not have extended ACLs.


Overview

Finding ID Version Rule ID IA Controls Severity
V-22357 GEN001810 SV-63881r1_rule Medium
Description
If the skeleton files are not protected, unauthorized personnel could change user startup parameters and possibly jeopardize user files.
STIG Date
Oracle Linux 5 Security Technical Implementation Guide 2020-02-25

Details

Check Text ( C-52417r1_chk )
Check skeleton files for extended ACLs:

# ls -alL /etc/skel

If the permissions include a '+', the file has an extended ACL. If the file has an extended ACL and it has not been documented with the IAO, this is a finding.
Fix Text (F-54453r1_fix)
Remove the extended ACL from the file.
# setfacl --remove-all [skeleton file with extended ACL]
or:
# ls -lL /etc/skel|grep "\+ "|sed "s/^.* \//|xargs setfacl --remove-all
will remove all ACLs from the files.