UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The rpcbind service must be configured for local only services.


Overview

Finding ID Version Rule ID IA Controls Severity
V-47919 SOL-11.1-020170 SV-60791r1_rule Medium
Description
The portmap and rpcbind services increase the attack surface of the system and should only be used when needed. The portmap or rpcbind services are used by a variety of services using remote procedure calls (RPCs).
STIG Date
Solaris 11 SPARC Security Technical Implementation Guide 2017-01-05

Details

Check Text ( C-50355r1_chk )
Check the status of the rpcbind service local_only property.
# svcprop -p config/local_only network/rpc/bind

If the state is not "true", this is a finding.
Fix Text (F-51531r1_fix)
The Service Management profile is required.

Configure the rpc/bind service for local only access.

#svccfg -s network/rpc/bind setprop config/local_only=true