An error occurred:

Check: GEN001720

Solaris 10 X86 STIG: GEN001720 (in versions v2 r4 through v1 r17)

Title

All global initialization files must have mode 0644 or less permissive. (Cat II impact)

Discussion

Global initialization files are used to configure the user's shell environment upon login. Malicious modification of these files could compromise accounts upon logon.

Check Content

Check global initialization files permissions. # ls -l /etc/.login # ls -l /etc/profile # ls -l /etc/bashrc # ls -l /etc/environment # ls -l /etc/security/environ # ls -l /etc/csh.login # ls -l /etc/csh.cshrc If global initialization files exist and are more permissive than 0644, this is a finding.

Fix Text

Change the mode of the global initialization file(s) to 0644. # chmod 0644 <global initialization file>

Additional Identifiers

Rule ID: SV-220084r603266_rule

Vulnerability ID: V-220084

Group Title: SRG-OS-000480

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000366

The organization implements the security configuration settings.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
CM-6

Configuration Settings