Check: SOL-11.1-070060
Solaris 11 x86 STIG:
SOL-11.1-070060
(in versions v2 r10 through v1 r10)
Title
Groups assigned to users must exist in the /etc/group file. (Cat II impact)
Discussion
Groups defined in passwd but not in group file pose a threat to system security since group permissions are not properly managed.
Check Content
The root role is required. Check that groups are configured correctly. # logins -xo | awk -F: '($3 == "") { print $1 }' If output is produced, this is a finding.
Fix Text
The root role is required. Correct or justify any items discovered in the Audit step. Determine if any groups are in passwd but not in group, and work with those users or group owners to determine the best course of action in accordance with site policy.
Additional Identifiers
Rule ID: SV-216185r603268_rule
Vulnerability ID: V-216185
Group Title: SRG-OS-000480
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |