
The /usr/aset/userlist file must exist.


Overview

Finding ID: V-955
Version: GEN000000-SOL00220
Rule ID: SV-955r2_rule
IA Controls: ECSC-1
Severity: Medium
Description
If the userlist file does not exist, then an unauthorized user may exist in the /etc/passwd file.
STIG: SOLARIS 9 SPARC SECURITY TECHNICAL IMPLEMENTATION GUIDE
Date: 2015-10-01

Details

Check Text (C-28803r1_chk)
Determine if ASET is being used.
# crontab -l | grep aset
If ASET is not used on the system, this is not applicable.
If ASET is being used, but is not invoked with the "-u /usr/aset/userlist" option, this is a finding.

Check the /usr/aset/userlist file.
# ls -lL /usr/aset/userlist
If the /usr/aset/userlist file does not exist, this is a finding. An empty /usr/aset/userlist file, while not optimal, is not a finding.
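
The check above, scripted so it can be run against any crontab listing. This is an added example, not part of the STIG text. The function names and result labels are hypothetical, the sample crontab entry is constructed, and skipping commented-out entries is an assumption; a POSIX shell is assumed.

```shell
#!/bin/sh
# Added example: evaluates the V-955 check text against a crontab listing.

# True if "-u /usr/aset/userlist" appears as two adjacent words in one entry.
has_userlist_option() {
    set -f; set -- $1; set +f      # split into words without globbing the "*" fields
    prev=
    for word in "$@"; do
        [ "$prev" = "-u" ] && [ "$word" = "/usr/aset/userlist" ] && return 0
        prev=$word
    done
    return 1
}

# check_aset_userlist CRONTAB_TEXT [USERLIST_PATH]
# Prints NOT_APPLICABLE, FINDING_NO_USERLIST_OPTION,
# FINDING_USERLIST_MISSING or NOT_A_FINDING.
check_aset_userlist() {
    userlist=${2:-/usr/aset/userlist}
    uses_aset=no
    missing_opt=no
    while IFS= read -r entry; do
        case $entry in
            \#*)    continue ;;        # commented-out entry (assumption: ignored)
            *aset*) uses_aset=yes ;;   # same match as "grep aset"
            *)      continue ;;
        esac
        # Every ASET invocation must carry the option, not just one of them.
        has_userlist_option "$entry" || missing_opt=yes
    done <<EOF
$1
EOF
    if [ "$uses_aset" = no ]; then
        echo NOT_APPLICABLE
    elif [ "$missing_opt" = yes ]; then
        echo FINDING_NO_USERLIST_OPTION
    elif [ ! -f "$userlist" ]; then    # -f follows symlinks, like "ls -lL"
        echo FINDING_USERLIST_MISSING
    else
        echo NOT_A_FINDING             # an empty file is still not a finding
    fi
}

# Constructed sample entry; on the audited host pass "$(crontab -l)" instead.
SAMPLE_CRONTAB='0 0 * * * /usr/aset/aset -d /usr/aset -u /usr/aset/userlist'
check_aset_userlist "$SAMPLE_CRONTAB"
```
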
Fix Text (F-1109r2_fix)
Create the /usr/aset/userlist file and populate it with a list of authorized users.