The AIX root accounts home directory must not have an extended ACL.

An XCCDF Rule

Description

Excessive permissions on root home directories allow unauthorized access to root user files.

ID: SV-215199r991592_rule
Version: AIX7-00-001040
Severity: Medium
References: CCI-000366
Updated: 24 days ago

Remediation Templates

Remove the extended ACL from the "root" account's home directory using command:
# acledit ~root 

Change extended attributes to disabled.