Navigate

Check: GEN001240

Solaris 10 X86 STIG: GEN001240 (in versions v2 r4 through v1 r17)

Title

System files, programs, and directories must be group-owned by a system group. (Cat II impact)

Discussion

Restricting permissions will protect the files from unauthorized modification.

Check Content

Check the group ownership of system files, programs, and directories. Procedure: # ls -lLa /etc /bin /usr/bin /usr/lbin /usr/ucb /sbin /usr/sbin If any system file, program, or directory is not group-owned by a system group, this is a finding.

Fix Text

Change the group owner of system files to a system group. Procedure: # chgrp root /path/to/system/file (System groups other than root may be used.)

Additional Identifiers

Rule ID: SV-227618r603266_rule

Vulnerability ID: V-227618

Group Title: SRG-OS-000259

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-001499	The organization limits privileges to change software resident within software libraries.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-5 (6)	Limit Library Privileges