UCF STIG Viewer Logo

Skeleton files must not have extended ACLs.


Overview

Finding ID Version Rule ID IA Controls Severity
V-226547 GEN001810 SV-226547r603265_rule Medium
Description
If the skeleton files are not protected, unauthorized personnel could change user's startup parameters and possibly jeopardize user's files.
STIG Date
Solaris 10 SPARC Security Technical Implementation Guide 2020-12-04

Details

Check Text ( C-28708r483047_chk )
Check skeleton files for extended ACLs.
# ls -alL /etc/skel
If the permissions include a "+", the file has an extended ACL and this is a finding.
Fix Text (F-28696r483048_fix)
Remove the extended ACL from the file.
# chmod A- [skeleton file with extended ACL]