GEN001390 - The /etc/passwd file must not have an extended ACL.

Information

File system ACLs can provide access to files beyond what is allowed by the mode numbers of the files. The /etc/passwd file contains the list of local system accounts. It is vital to system security and must be protected from unauthorized modification.

Solution

Remove the extended ACL from the /etc/passwd file and disable extended permissions.
#acledit /etc/passwd

See Also

http://iasecontent.disa.mil/stigs/zip/U_STIG_Library_2015_07.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6, CAT|II, CCI|CCI-000225, Rule-ID|SV-38724r1_rule, STIG-ID|GEN001390, Vuln-ID|V-22334

Plugin: Unix

Control ID: 359347eba37b942973a05549ac3aa31b8ec78d2fe40dbd06b54544596f8234ae