Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-955 | GEN000000-SOL00220 | SV-955r2_rule | ECSC-1 | Medium |
Description |
---|
If the userlist file does not exist, then an unauthorized user may exist in the /etc/passwd file. |
STIG | Date |
---|---|
SOLARIS 10 X86 SECURITY TECHNICAL IMPLEMENTATION GUIDE | 2018-12-10 |
Check Text ( C-28803r1_chk ) |
---|
Determine if ASET is being used. # crontab -l | grep aset If ASET is not used on the system, this is not applicable. If ASET is being used, but is not invoked with the "-u /usr/aset/userlist" option, this is a finding. Check the /usr/aset/userlist file. # ls -lL /usr/aset/userlist If /usr/aset/userlist file does not exist, this is a finding. An empty /usr/aset/userlist file, while not optimal, is not a finding. |
Fix Text (F-1109r2_fix) |
---|
Create the /usr/aset/userlist file and populate it with a list of authorized users. |