An error occurred:

Check: GEN000000-SOL00200

Solaris 10 X86 STIG: GEN000000-SOL00200 (in versions v2 r4 through v1 r17)

Title

The asetenv file YPCHECK variable must be set to true when NIS+ is configured. (Cat II impact)

Discussion

If YPCHECK is not set to true in asetenv, then ypfiles may not be checked.

Check Content

Perform the following to determine if ASET is configured to check NIS+. # grep YPCHECK /usr/aset/asetenv If NIS+ is running and the YPCHECK variable is set to false, then this is a finding.

Fix Text

Edit the ASET configuration and set YPCHECK to true on systems running NIS. (If NIS+ is configured, YPCHECK must only be set to false to avoid going into NIS compatibility mode.) Configure NIS to use YPCHECK.

Additional Identifiers

Rule ID: SV-220071r603266_rule

Vulnerability ID: V-220071

Group Title: SRG-OS-000016

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000032

Enforce information flow control using organization-defined security policy filters as a basis for flow control decisions for organization-defined information flows.
CCI-000366

Implement the security configuration settings.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AC-4(8)

Security Policy Filters
CM-6

Configuration Settings