Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-227699 | GEN002280 | SV-227699r603266_rule | Medium |
Description |
---|
System device files in writable directories could be modified, removed, or used by an unprivileged user to control system hardware. |
STIG | Date |
---|---|
Solaris 10 X86 Security Technical Implementation Guide | 2020-12-04 |
Check Text ( C-29861r488678_chk ) |
---|
Find all device files existing anywhere on the system. Procedure: # find / -type b -print > devicelist # find / -type c -print >> devicelist Check the permissions on the directories above subdirectories containing device files. The following list of device files are intended to be world-writable and if present are not a finding. /dev/arp /dev/conslog /dev/crypto /dev/dtrace/dtrace /dev/dtrace/helper /dev/dtrace/provider/fasttrap /dev/fd/* /dev/kstat /dev/null /dev/poll /dev/pool /dev/ptmx /dev/sad/user /dev/tcp /dev/tcp6 /dev/ticlts /dev/ticots /dev/ticotsord /dev/tty /dev/udp /dev/udp6 /dev/zero /dev/zfs If any device file or their parent directory is world-writable and it is not intended to be world-writable, this is a finding. |
Fix Text (F-29849r488679_fix) |
---|
Remove the world-writable permission from the device file(s). Procedure: # chmod o-w Document all changes. |