The AIX user home directories must not have extended ACLs.

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
medium	V-215332	SRG-OS-000480-GPOS-00230	AIX7-00-003019	SV-215332r991592_rule	2024-08-16	3

Description
Excessive permissions on home directories allow unauthorized access to user files.

ℹ️ Check
Verify user home directories have no extended ACLs using command: # cat /etc/passwd \| cut -f 6,6 -d ":" \| xargs -n1 aclget * * ACL_type AIXC * attributes: base permissions owner(root): rwx group(system): r-x others: r--- extended permissions disabled If extended permissions are not disabled, this is a finding.

✔️ Fix
Remove the extended ACL from the user home directory and disable extended permissions: # acledit <directory>