STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:SV-215326r508663_rule
V-215326
SRG-OS-000259-GPOS-00100
AIX7-00-003010
CAT II
10
Remove the extended ACL(s) from the system library file(s) and disable extended permissions using the follow script:
find /usr/lib/security /usr/lib/methods/ -type f | while read file
do
aclget -o /tmp/111.acl $file > /dev/null 2>&1
if [ $? -eq 0 ]; then
grep -e "[[:space:]]enabled$" /tmp/111.acl > /dev/null 2>&1
if [ $? -eq 0 ]; then
echo "Removing ACL from "$file
cat /tmp/111.acl | head -n9 > /tmp/222.acl
echo " disabled" >> /tmp/222.acl
aclput -i /tmp/222.acl $file
fi
fi
done
The following system library directories need to be checked:
/usr/lib/security/
/usr/lib/methods/
Determine if any system library file has an extended ACL by running the follow script:
find /usr/lib/security /usr/lib/methods/ -type f | while read file
do
aclget -o /tmp/111.acl $file > /dev/null 2>&1
if [ $? -eq 0 ]; then
grep -e "[[:space:]]enabled$" /tmp/111.acl > /dev/null 2>&1
if [ $? -eq 0 ]; then
echo "$file has ACL"
fi
fi
done
If the above script yield any output, this is a finding.
V-215326
False
AIX7-00-003010
The following system library directories need to be checked:
/usr/lib/security/
/usr/lib/methods/
Determine if any system library file has an extended ACL by running the follow script:
find /usr/lib/security /usr/lib/methods/ -type f | while read file
do
aclget -o /tmp/111.acl $file > /dev/null 2>&1
if [ $? -eq 0 ]; then
grep -e "[[:space:]]enabled$" /tmp/111.acl > /dev/null 2>&1
if [ $? -eq 0 ]; then
echo "$file has ACL"
fi
fi
done
If the above script yield any output, this is a finding.
M
4012