All run control scripts must have no extended ACLs.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-216065 | SRG-OS-000480 | SOL-11.1-020310 | SV-216065r959010_rule | 2026-02-19 | 3 |
Description
If the startup files are writable by other users, these users could modify the startup files to insert malicious commands into the startup files.
ℹ️ Check
Verify run control scripts have no extended ACLs.
# ls -lL /etc/rc* /etc/init.d
If the permissions include a "+", the file has an extended ACL and this is a finding.
✔️ Fix
Remove the extended ACL from the file.
# chmod A- [run control script with extended ACL]