
The operating system must reveal error messages only to authorized personnel.


Overview

Finding ID: V-216439
Version: SOL-11.1-070240
Rule ID: SV-216439r958566_rule
IA Controls: (none listed)
Severity: Low
Description
Proper file permissions and ownership ensure that only designated personnel in the organization can access error messages.
STIG: Solaris 11 SPARC Security Technical Implementation Guide
Date: 2024-05-30

Details

Check Text (C-17675r371405_chk)
Check the permissions of the /var/adm/messages file:
# ls -l /var/adm/messages

Check the permissions of the /var/adm directory:
# ls -ld /var/adm

If the owner and group of /var/adm/messages are not root and the permissions are not 640, this is a finding.

If the owner of /var/adm is not root, group is not sys, and the permissions are not 750, this is a finding.
Fix Text (F-17673r371406_fix)
The root role is required.

Change the permissions and owner on the /var/adm/messages file:

# chmod 640 /var/adm/messages
# chown root /var/adm/messages
# chgrp root /var/adm/messages

Change the permissions and owner on the /var/adm directory:

# chmod 750 /var/adm
# chown root /var/adm
# chgrp sys /var/adm
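
The check above, scripted as an added example (not part of the STIG text): it parses `ls -ld` output and reports any deviation from the owner, group and mode that the Fix Text sets, which is this example's reading of the check. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Octal digit for one rwx triplet; anything else (s, S, t, T, short input) gives X,
# so setuid/setgid/sticky variants never match the expected mode.
triplet() {
    case $1 in
        ---) echo 0 ;; --x) echo 1 ;; -w-) echo 2 ;; -wx) echo 3 ;;
        r--) echo 4 ;; r-x) echo 5 ;; rw-) echo 6 ;; rwx) echo 7 ;;
        *)   echo X ;;
    esac
}

# Octal mode for an ls mode string such as "-rw-r-----" or "drwxr-x---+".
ls_mode_octal() {
    p=${1#?}; octal=""
    for n in 1 2 3; do
        octal=$octal$(triplet "${p%"${p#???}"}")
        p=${p#???}
    done
    echo "$octal"
}

# check_line "<ls -ld line>" owner group mode
# Prints one FINDING line per deviation; returns 0 when compliant, 1 otherwise.
check_line() {
    want_owner=$2; want_group=$3; want_mode=$4; rc=0
    read -r modestr _links owner group _rest <<EOF
$1
EOF
    mode=$(ls_mode_octal "$modestr")
    [ "$owner" = "$want_owner" ] || { echo "FINDING: owner $owner, expected $want_owner"; rc=1; }
    [ "$group" = "$want_group" ] || { echo "FINDING: group $group, expected $want_group"; rc=1; }
    [ "$mode" = "$want_mode" ]   || { echo "FINDING: mode $mode, expected $want_mode"; rc=1; }
    # A trailing "+" means an ACL is set, so the mode bits alone do not describe access.
    case $modestr in *+) echo "NOTE: ACL present, review it separately" ;; esac
    return $rc
}

# Run against the live system (requires read access to /var/adm).
audit_var_adm() {
    a=0; b=0
    check_line "$(ls -ld /var/adm/messages)" root root 640 || a=1
    check_line "$(ls -ld /var/adm)" root sys 750 || b=1
    [ "$a" -eq 0 ] && [ "$b" -eq 0 ]
}

# Constructed sample lines, not captured from a real system.
check_line "-rw-r--r--   1 root     root   48213 May 30 10:12 /var/adm/messages" root root 640 || true
check_line "drwxr-x---   9 root     sys       64 May 30 10:12 /var/adm" root sys 750 || true
```

On the target host, call `audit_var_adm` from the root role; its exit status is 0 only when both paths match.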