STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:

AIX log files must not have extended ACLs, except as needed to support authorized software.

DISA Rule

SV-215324r508663_rule

Vulnerability Number

V-215324

Group Title

SRG-OS-000206-GPOS-00084

Rule Version

AIX7-00-003007

Severity

CAT II

CCI(s)

• CCI-001314 - The information system reveals error messages only to organization-defined personnel or roles.

Weight

10

Fix Recommendation

Remove the extended ACL(s) from the system log file(s):
# acledit <system_log_file>

Set "extended permissions" to "disabled".

Check Contents

With the assistance of the system administrator, identify all of the system log files.

For each system log file identified, verify that extended ACL's are disabled:

#aclget <system_log_file>
*
* ACL_type AIXC
*
attributes:
base permissions
owner(root): rw-
group(system): r--
others: r--
extended permissions
disabled

If "extended permissions" is set to "enabled" and is not documented, this is a finding.

Vulnerability Number

V-215324

Documentable

False

Rule Version

AIX7-00-003007

Severity Override Guidance

With the assistance of the system administrator, identify all of the system log files.

For each system log file identified, verify that extended ACL's are disabled:

#aclget <system_log_file>
*
* ACL_type AIXC
*
attributes:
base permissions
owner(root): rw-
group(system): r--
others: r--
extended permissions
disabled

If "extended permissions" is set to "enabled" and is not documented, this is a finding.

Check Content Reference

M

Target Key

4012

Comments