An error occurred:

Check: GEN000000-SOL00560

Solaris 10 SPARC STIG: GEN000000-SOL00560 (in versions v2 r4 through v1 r19)

Title

The /etc/zones directory, and its contents, must be group-owned by root, sys, or bin. (Cat II impact)

Discussion

Solaris zones configuration files must be protected against illicit creation, modification, and deletion.

Check Content

Check the group ownership of the files and directories. # ls -lLRa /etc/zones If the group owner of the directory and all files is not root, sys, or bin, this is a finding. If zones are not installed on the system, this is not a finding.

Fix Text

Change the group ownership of the files and directories. # chgrp -R sys /etc/zones # chgrp root /etc/zones/*.xml # chgrp bin /etc/zones/SUN*.xml

Additional Identifiers

Rule ID: SV-226424r603265_rule

Vulnerability ID: V-226424

Group Title: SRG-OS-000480

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000366

The organization implements the security configuration settings.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
CM-6

Configuration Settings