Check: SOL-11.1-070120
Solaris 11 x86 STIG:
SOL-11.1-070120
(in versions v2 r10 through v1 r10)
Title
Duplicate Group IDs (GIDs) must not exist for multiple groups. (Cat II impact)
Discussion
User groups must be assigned unique GIDs for accountability and to ensure appropriate access protections.
Check Content
The root role is required. Check that group IDs are unique. # getent group | cut -f3 -d":" | sort -n | uniq -c |\ while read x ; do [ -z "${x}" ] && break set - $x if [ $1 -gt 1 ]; then grps=`getent group | nawk -F: '($3 == n) { print $1 }' n=$2 | xargs` echo "Duplicate GID ($2): ${grps}" fi done If output is produced, this is a finding.
Fix Text
The root role is required. Work with each respective group owner to remediate this issue and ensure that the group ownership of their files are set to an appropriate value.
Additional Identifiers
Rule ID: SV-216191r603268_rule
Vulnerability ID: V-216191
Group Title: SRG-OS-000480
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |