UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The operating system must reveal error messages only to authorized personnel.


Overview

Finding ID Version Rule ID IA Controls Severity
V-48033 SOL-11.1-070240 SV-60905r2_rule Low
Description
Proper file permissions and ownership ensures that only designated personnel in the organization can access error messages.
STIG Date
Solaris 11 SPARC Security Technical Implementation Guide 2017-01-05

Details

Check Text ( C-50469r3_chk )
Check the permissions of the /var/adm/messages file:
# ls -l /var/adm/messages

Check the permissions of the /var/adm directory:
# ls -ld /var/adm

If the owner and group of /var/adm/messages is not root and the permissions are not 640, this is a finding.

If the owner of /var/adm is not root, group is not sys, and the permissions are not 750, this is a finding.
Fix Text (F-51645r2_fix)
The root role is required.

Change the permissions and owner on the /var/adm/messages file:

# chmod 640 /var/adm/messages
# chown root /var/adm/messages
# chgrp root /var/adm/messages

Change the permissions and owner on the /var/adm directory:

# chmod 750 /var/adm
# chown root /var/adm
# chgrp sys /var/adm