Check: SOL-11.1-040270
Solaris 11 SPARC STIG:
SOL-11.1-040270
(in versions v2 r10 through v1 r10)
Title
The value mesg n must be configured as the default setting for all users. (Cat III impact)
Discussion
The "mesg n" command blocks attempts to use the "write" or "talk" commands to contact users at their terminals, but has the side effect of slightly strengthening permissions on the user's TTY device.
Check Content
Determine if "mesg n" is the default for users. # grep "^mesg" /etc/.login # grep "^mesg" /etc/profile If either of these commands produces a line: mesg y this is a finding. For each existing user on the system, enter the command: # mesg If the command output is: is y this is a finding.
Fix Text
The root role is required. Edit the default profile configuration files. # pfedit /etc/profile # pfedit /etc/.login In each file add a new line: mesg n For each user on the system, enter the command: # mesg n
Additional Identifiers
Rule ID: SV-216343r603267_rule
Vulnerability ID: V-216343
Group Title: SRG-OS-000480
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |