GEN001590 - All run control scripts must have no extended ACLs - '/etc/rc.d/*'

Information

If the startup files are writable by other users, they could modify the startup files to insert malicious commands into the startup files.

Solution

Remove the extended ACL from the file.
# setfacl --remove-all <run control script with extended ACL>

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_5_V2R1_STIG.zip

Item Details

Category: ACCESS CONTROL, CONFIGURATION MANAGEMENT

References: 800-53|AC-6, 800-53|CM-5(6), CAT|II, CCI|CCI-000225, CCI|CCI-001499, Rule-ID|SV-218317r603259_rule, STIG-ID|GEN001590, STIG-Legacy|SV-63847, STIG-Legacy|V-22353, Vuln-ID|V-218317

Plugin: Unix

Control ID: 78f94493c85599db8b31df682c636d1aed6fd0e655b2f0efeb32cae64772df63