Check: GEN000000-SOL00580
Solaris 10 SPARC STIG:
GEN000000-SOL00580
(in versions v2 r4 through v1 r19)
Title
The /etc/zones directory, and its contents, must not be group- or world-writable. (Cat II impact)
Discussion
Solaris zones configuration files must be protected against illicit creation, modification, and deletion.
Check Content
Check the permissions of the files and directories. # ls -lLdR /etc/zones If the mode of a directory is more permissive than 0755, or the mode of a file more permissive than 0644, this is a finding. If zones are not installed on the system, this is not a finding.
Fix Text
Change the mode of the file or directory. # chmod 0644 <file> For directories: # chmod 0755 <directory>
Additional Identifiers
Rule ID: SV-226425r603265_rule
Vulnerability ID: V-226425
Group Title: SRG-OS-000480
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000366 |
The organization implements the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| CM-6 |
Configuration Settings |