UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The nobody access for RPC encryption key storage service must be disabled.


Overview

Finding ID Version Rule ID IA Controls Severity
V-48089 SOL-11.1-040320 SV-60961r1_rule Medium
Description
If login by the user "nobody" is allowed for secure RPC, there is an increased risk of system compromise. If keyserv holds a private key for the "nobody" user, it will be used by key_encryptsession to compute a magic phrase which can be easily recovered by a malicious user.
STIG Date
Solaris 11 SPARC Security Technical Implementation Guide 2017-01-05

Details

Check Text ( C-50521r1_chk )
Determine if "nobody" access for keyserv is enabled.

# grep "^ENABLE_NOBODY_KEYS=" /etc/default/keyserv

If the output of the command is not:

ENABLE_NOBODY_KEYS=NO

this is a finding.
Fix Text (F-51697r1_fix)
The root role is required.

Modify the /etc/default/keyserv file.

# pfedit /etc/default/keyserv

Locate the line:

#ENABLE_NOBODY_KEYS=YES

Change it to:

ENABLE_NOBODY_KEYS=NO