UCF STIG Viewer Logo

ACLs for system files and directories will conform to minimum requirements.


Overview

Finding ID Version Rule ID IA Controls Severity
V-1130 2.006 SV-32511r1_rule Medium
Description
Failure to properly configure ACL file and directory permissions allows the possibility of unauthorized and anonymous modification to the operating system and installed applications.
STIG Date
Windows Server 2008 R2 Member Server Security Technical Implementation Guide 2019-06-18

Details

Check Text ( C-32815r1_chk )
The default ACL settings are adequate when the Security Option “Network access: Let everyone permissions apply to anonymous users” is set to “Disabled” (V-3377). If the default ACLs are maintained and the referenced option is set to “Disabled”, this check should normally be marked “Not a Finding”.

Note: If an ACL setting prevents a site’s applications from performing properly, the site can modify that specific setting. Settings should only be changed to the minimum necessary for the application to function. Each exception to the recommended settings should be documented and kept on file by the IAO.
Fix Text (F-28932r1_fix)
Maintain the default file ACLs and configure the Security Option: “Network access: Let everyone permissions apply to anonymous users” to “Disabled” (V-3377).