UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The system must not allow users to configure .forward files.


Overview

Finding ID Version Rule ID IA Controls Severity
V-48065 SOL-11.1-070170 SV-60937r1_rule Medium
Description
Use of the .forward file poses a security risk in that sensitive data may be inadvertently transferred outside the organization. The .forward file also poses a secondary risk as it can be used to execute commands that may perform unintended actions.
STIG Date
Solaris 11 SPARC Security Technical Implementation Guide 2016-06-29

Details

Check Text ( C-50497r2_chk )
The root role is required.

# for dir in \
`logins -ox | awk -F: '($8 == "PS") { print $6 }'`; do
ls -l ${dir}/.forward 2>/dev/null
done

If output is produced, this is a finding.
Fix Text (F-51673r1_fix)
The root role is required.

Remove any .forward files that are found.

# pfexec rm [filename]