UCF STIG Viewer Logo

The snmpd.conf file must not have an extended ACL.


Overview

Finding ID Version Rule ID IA Controls Severity
V-22452 GEN005375 SV-45969r1_rule Medium
Description
The snmpd.conf file contains authenticators and must be protected from unauthorized access and modification.
STIG Date
SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide 2018-09-19

Details

Check Text ( C-43250r1_chk )
Check the permissions of the SNMP configuration file.

Procedure:
Examine the default install location /etc/snmp/snmpd.conf
or:
# find / -name snmpd.conf

# ls -lL

If the permissions include a '+', the file has an extended ACL. If the file has an extended ACL and it has not been documented with the IAO, this is a finding.
Fix Text (F-39334r1_fix)
Remove the extended ACL from the file.
# setfacl --remove-all