All library files must not have extended ACLs.
An XCCDF Rule
Description
<VulnDiscussion>Unauthorized access could destroy the integrity of the library files.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-215326r508663_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Remove the extended ACL(s) from the system library file(s) and disable extended permissions using the follow script:
find /usr/lib/security /usr/lib/methods/ -type f | while read file
do
aclget -o /tmp/111.acl $file > /dev/null 2>&1
if [ $? -eq 0 ]; then