Information
Extended attributes are implemented as files in a "shadow" file system that is not generally
visible via normal administration commands without special arguments.
Rationale:
Attackers or malicious users could "hide" information, exploits, etc. in extended attribute
areas. Since extended attributes are rarely used, it is important to find files with extended
attributes set.
Solution
Correct or justify any items discovered in the Audit step. Determine the existence of any
files having extended file attributes, and determine the best course of action in accordance
with site policy. Note that the Solaris OS does not ship with files that have extended
attributes.