UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

All shell files must not have extended ACLs.


Overview

Finding ID Version Rule ID IA Controls Severity
V-22366 GEN002230 SV-26491r1_rule ECLP-1 Medium
Description
Shells with world/group write permissions give the ability to maliciously modify the shell to obtain unauthorized access.
STIG Date
Solaris 9 SPARC Security Technical Implementation Guide 2012-05-25

Details

Check Text ( C-27549r1_chk )
If /etc/shells exists, check the permissions of each shell referenced.
# cat /etc/shells | xargs -n1 ls -lL

Otherwise, check any shells found on the system.
# find / -name "*sh" | xargs -n1 ls -lL

If the permissions include a "+", the file has an extended ACL, this is a finding.
Fix Text (F-23720r1_fix)
Remove the extended ACL from the file.
# getfacl [shell]
Remove each ACE returned.
# setfacl -d [ACE] [shell]