GEN001310 - All library files must not have extended ACLs - '/lib64/*'

Information

Unauthorized access could destroy the integrity of the library files.

Solution

Remove the extended ACL from the file.
# setfacl --remove-all /usr/lib/* /lib/*

See Also

http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-5(6), CAT|II, CCI|CCI-001499, Group-ID|V-22317, Rule-ID|SV-37250r2_rule, STIG-ID|GEN001310, Vuln-ID|V-22317

Plugin: Unix

Control ID: 37c578604cb9fcb490dc432f929b104de8d09db25dc12c7a06ed67da202e4b07