Check: SOL-11.1-020380
Solaris 11 x86 STIG:
SOL-11.1-020380
(in versions v2 r10 through v1 r10)
Title
System start-up files must only execute programs owned by a privileged UID or an application. (Cat II impact)
Discussion
System start-up files executing programs owned by other than root (or another privileged user) or an application indicates the system may have been compromised.
Check Content
Determine the programs executed by system start-up files. Determine the ownership of the executed programs. # cat /etc/rc* /etc/init.d/* | more Check the ownership of every program executed by the system start-up files. # ls -l <executed program> If any executed program is not owned by root, sys, bin, or in rare cases, an application account, this is a finding.
Fix Text
Change the ownership of the file executed from system startup scripts to root, bin, or sys. # chown root <executed file>
Additional Identifiers
Rule ID: SV-216072r603268_rule
Vulnerability ID: V-216072
Group Title: SRG-OS-000480
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |