GEN005395 - The /etc/syslog.conf file must not have an extended ACL.

Information

Unauthorized users must not be allowed to access or modify the /etc/syslog.conf file.

Solution

Remove the extended ACL from the syslog.conf file and change extended attributes to disabled.

#acledit /etc/syslog.conf

See Also

https://iasecontent.disa.mil/stigs/zip/U_AIX_6-1_V1R14_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6, CAT|II, CCI|CCI-000225, Group-ID|V-22454, Rule-ID|SV-38820r1_rule, STIG-ID|GEN005395, Vuln-ID|V-22454

Plugin: Unix

Control ID: cafb96ca024b115ea0703afb076a66de57e860ae4357f1404ea230d1386cb08f