Navigate

Check: GEN001220

Solaris 10 X86 STIG: GEN001220 (in versions v2 r4 through v1 r17)

Title

All system files, programs, and directories must be owned by a system account. (Cat II impact)

Discussion

Restricting permissions will protect the files from unauthorized modification.

Check Content

Check the ownership of system files, programs, and directories. Procedure: # ls -lLa /etc /bin /usr/bin /usr/lbin /usr/ucb /sbin /usr/sbin If any of the system files, programs, or directories are not owned by a system account, this is a finding.

Fix Text

Change the owner of system files, programs, and directories to a system account. Procedure: # chown root /some/system/file (A different system user may be used in place of root.)

Additional Identifiers

Rule ID: SV-227617r603266_rule

Vulnerability ID: V-227617

Group Title: SRG-OS-000259

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-001499	The organization limits privileges to change software resident within software libraries.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-5 (6)	Limit Library Privileges