The RHEL 8 file integrity tool must be configured to verify extended attributes.
An XCCDF Rule
Description
<VulnDiscussion>Extended attributes in file systems are used to contain arbitrary data and file metadata with security implications. RHEL 8 installation media come with a file integrity tool, Advanced Intrusion Detection Environment (AIDE).</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-230551r627750_rule
- Severity
- Low
- References
- Updated
Remediation - Manual Procedure
Configure the file integrity tool to check file and directory extended attributes.
If AIDE is installed, ensure the "xattrs" rule is present on all uncommented file and directory selection lists.