Navigate

Check: GEN000000-SOL00420

Solaris 9 X86 STIG: GEN000000-SOL00420 (in version v1 r9)

Title

Hidden extended file attributes must not exist on the system. (Cat II impact)

Discussion

Solaris extended attributes are essentially files themselves that are of an arbitrary size and content. They could be used to hide files from ordinary system file scans.

Check Content

Search for all files with hidden extended attributes. # find / -xattr -print -exec runat {} ls -al \; If hidden extended file attributes exist, this is a finding.

Fix Text

Remove the hidden extended file attributes. # runat <file name> rm <attribute name>

Additional Identifiers

Rule ID: SV-12533r2_rule

Vulnerability ID: V-12032

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000032	The information system enforces information flow control using organization-defined security policy filters as a basis for flow control decisions for organization-defined information flows.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
AC-4 (8)	Security Policy Filters