The snmpd.conf file must not have an extended ACL.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-22452 | GEN005375 | SV-26737r1_rule | ECLP-1 | Medium |
| Description |
|---|
| The snmpd.conf file contains authenticators and must be protected from unauthorized access and modification. |
| STIG | Date |
|---|---|
| Solaris 10 SPARC Security Technical Implementation Guide | 2014-04-04 |
Details
| Check Text ( C-27753r1_chk ) |
|---|
| Check the permissions of the SNMP configuration files. # ls -lL/etc/sma/snmp/snmpd.conf /var/sma_snmp/snmpd.conf /etc/snmp/conf/snmpd.conf /usr/sfw/lib/sma_snmp/snmpd.conf If the permissions include a "+", the file has an extended ACL and this is a finding. |
| Fix Text (F-23987r1_fix) |
|---|
| Remove the extended ACL from the files. # chmod A- /etc/sma/snmp/snmpd.conf /var/sma_snmp/snmpd.conf /etc/snmp/conf/snmpd.conf /usr/sfw/lib/sma_snmp/snmpd.conf |