An error occurred:

Check: GEN000000-SOL00200

Solaris 9 X86 STIG: GEN000000-SOL00200 (in version v1 r9)

Title

If NIS+ is configured on the Solaris system, YPCHECK must be set to true. (Cat II impact)

Discussion

If YPCHECK is not set to true, then ypfiles may not be checked.

Check Content

Perform the following to determine if ASET is configured to check NIS+. # grep YPCHECK /usr/aset/asetenv If NIS+ is running and the YPCHECK variable is set to false, then this is a finding.

Fix Text

Edit the ASET configuration and set YPCHECK to true on systems running NIS. (If NIS+ is configured, YPCHECK must only be set to false to avoid going into NIS compatibility mode.) Configure NIS to use YPCHECK.

Additional Identifiers

Rule ID: SV-954r2_rule

Vulnerability ID: V-954

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000032

Enforce information flow control using organization-defined security policy filters as a basis for flow control decisions for organization-defined information flows.
CCI-000366

Implement the security configuration settings.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AC-4(8)

Security Policy Filters
CM-6

Configuration Settings