Check: SOL-11.1-070240
Solaris 11 x86 STIG:
SOL-11.1-070240
(in versions v2 r10 through v1 r10)
Title
The operating system must reveal error messages only to authorized personnel. (Cat III impact)
Discussion
Proper file permissions and ownership ensures that only designated personnel in the organization can access error messages.
Check Content
Check the permissions of the /var/adm/messages file: # ls -l /var/adm/messages Check the permissions of the /var/adm directory: # ls -ld /var/adm If the owner and group of /var/adm/messages is not root and the permissions are not 640, this is a finding. If the owner of /var/adm is not root, group is not sys, and the permissions are not 750, this is a finding.
Fix Text
The root role is required. Change the permissions and owner on the /var/adm/messages file: # chmod 640 /var/adm/messages # chown root /var/adm/messages # chgrp root /var/adm/messages Change the permissions and owner on the /var/adm directory: # chmod 750 /var/adm # chown root /var/adm # chgrp sys /var/adm
Additional Identifiers
Rule ID: SV-216202r603268_rule
Vulnerability ID: V-216202
Group Title: SRG-OS-000206
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001314 |
The information system reveals error messages only to organization-defined personnel or roles. |
Controls
Number | Title |
---|---|
SI-11 |
Error Handling |