Local initialization files must be group-owned by the user's primary group or root.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-22361	GEN001870	SV-37101r1_rule	ECLP-1	Medium

Description
Local initialization files are used to configure the user's shell environment upon login. Malicious modification of these files could compromise accounts upon logon.

STIG	Date
SOLARIS 9 SPARC SECURITY TECHNICAL IMPLEMENTATION GUIDE	2015-10-01

Details

Check Text ( C-35860r2_chk )
Check user home directories for local initialization files group-owned by a group other than the user's primary group or root. 1. List user accounts and their primary GID. # cut -d : -f 1,4 /etc/passwd 2. Check local initialization files for each user. # ls -al //.login # ls -al //.cshrc # ls -al //.logout # ls -al //.profile # ls -al //.bash_profile # ls -al //.bashrc # ls -al //.bash_logout # ls -al //.env # ls -al //.dtprofile # ls -al //.dispatch # ls -al //.emacs # ls -al //.exrc # find //.dt ! -fstype nfs ! -group -exec ls -ld {} \; 3. If any file is not group-owned by root or the user's primary GID, this is a finding.

Check Text ( C-35860r2_chk )

Check user home directories for local initialization files group-owned by a group other than the user's primary group or root.
1. List user accounts and their primary GID.
# cut -d : -f 1,4 /etc/passwd

2. Check local initialization files for each user.
# ls -al //.login
# ls -al //.cshrc
# ls -al //.logout
# ls -al //.profile
# ls -al //.bash_profile
# ls -al //.bashrc
# ls -al //.bash_logout
# ls -al //.env
# ls -al //.dtprofile
# ls -al //.dispatch
# ls -al //.emacs
# ls -al //.exrc
# find //.dt ! -fstype nfs ! -group -exec ls -ld {} \;

3. If any file is not group-owned by root or the user's primary GID, this is a finding.

Fix Text (F-30184r1_fix)
Change the group-owner of the local initialization file to the user's primary group, or root. # chgrp [USER's primary GID] ~USER/[local initialization file]