The /etc/zones directory, and its contents, must not be group- or world-writable.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-227551 | GEN000000-SOL00580 | SV-227551r603266_rule | Medium |
| Description |
|---|
| Solaris zones configuration files must be protected against illicit creation, modification, and deletion. |
| STIG | Date |
|---|---|
| Solaris 10 X86 Security Technical Implementation Guide | 2022-09-07 |
Details
| Check Text ( C-29713r488186_chk ) |
|---|
| Check the permissions of the files and directories. # ls -lLdR /etc/zones If the mode of a directory is more permissive than 0755, or the mode of a file more permissive than 0644, this is a finding. If zones are not installed on the system, this is not a finding. |
| Fix Text (F-29701r488187_fix) |
|---|
| Change the mode of the file or directory. # chmod 0644 For directories: # chmod 0755 |