GEN006570 - The file integrity tool must be configured to verify ACLs - config

Information

ACLs can provide permissions beyond those permitted through the file mode and must be verified by file integrity tools.

Solution

If using AIDE, edit the configuration and add the acl option for all monitored files and directories.

If using a different file integrity tool, configure ACL checking per the tool's documentation.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SOL_10_x86_V2R4_STIG.zip

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-6a., CAT|III, CCI|CCI-002696, Rule-ID|SV-227953r854519_rule, STIG-ID|GEN006570, STIG-Legacy|SV-26858, STIG-Legacy|V-22507, Vuln-ID|V-227953

Plugin: Unix

Control ID: a3b41789f8e7c4cdedb641c5dae2618eec4bb0be4dbc9569582c08c7e8716d82