UCF STIG Viewer Logo

Groups assigned to users must exist in the /etc/group file.


Overview

Finding ID Version Rule ID IA Controls Severity
V-216422 SOL-11.1-070060 SV-216422r603267_rule Medium
Description
Groups defined in passwd but not in group file pose a threat to system security since group permissions are not properly managed.
STIG Date
Solaris 11 SPARC Security Technical Implementation Guide 2022-11-18

Details

Check Text ( C-17658r371354_chk )
The root role is required.

Check that groups are configured correctly.

# logins -xo | awk -F: '($3 == "") { print $1 }'

If output is produced, this is a finding.
Fix Text (F-17656r371355_fix)
The root role is required.

Correct or justify any items discovered in the Audit step. Determine if any groups are in passwd but not in group, and work with those users or group owners to determine the best course of action in accordance with site policy.