UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The /etc/zones directory, and its contents, must be group-owned by root, sys, or bin.


Overview

Finding ID Version Rule ID IA Controls Severity
V-227550 GEN000000-SOL00560 SV-227550r603266_rule Medium
Description
Solaris zones configuration files must be protected against illicit creation, modification, and deletion.
STIG Date
Solaris 10 X86 Security Technical Implementation Guide 2022-09-07

Details

Check Text ( C-29712r488183_chk )
Check the group ownership of the files and directories.

# ls -lLRa /etc/zones

If the group owner of the directory and all files is not root, sys, or bin, this is a finding.

If zones are not installed on the system, this is not a finding.
Fix Text (F-29700r488184_fix)
Change the group ownership of the files and directories.
# chgrp -R sys /etc/zones
# chgrp root /etc/zones/*.xml
# chgrp bin /etc/zones/SUN*.xml