The AIX /etc/group file must not have an extended ACL.
An XCCDF Rule
Description
The "/etc/group" file contains information regarding groups that are configured on the system. Protection of this file is important for system security.
- ID
- SV-215328r991589_rule
- Version
- AIX7-00-003015
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
Remove the extended ACL from the "/etc/group" using command:
# acledit /etc/group