Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The system must not allow users to configure .forward files.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-216433 | SOL-11.1-070170 | SV-216433r959010_rule | Medium |
| Description |
|---|
| Use of the .forward file poses a security risk in that sensitive data may be inadvertently transferred outside the organization. The .forward file also poses a secondary risk as it can be used to execute commands that may perform unintended actions. |
| STIG | Date |
|---|---|
| Solaris 11 SPARC Security Technical Implementation Guide | 2024-05-30 |
Details
| Check Text ( C-17669r371387_chk ) |
|---|
| The root role is required. # for dir in \ `logins -ox | awk -F: '($8 == "PS") { print $6 }'`; do ls -l ${dir}/.forward 2>/dev/null done If output is produced, this is a finding. |
| Fix Text (F-17667r371388_fix) |
|---|
| The root role is required. Remove any .forward files that are found. # pfexec rm [filename] |