UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Local initialization files must be group-owned by the user's primary group or root.


Overview

Finding ID Version Rule ID IA Controls Severity
V-22361 GEN001870 SV-37101r1_rule ECLP-1 Medium
Description
Local initialization files are used to configure the user's shell environment upon login. Malicious modification of these files could compromise accounts upon logon.
STIG Date
Solaris 9 X86 Security Technical Implementation Guide 2013-07-02

Details

Check Text ( C-35860r2_chk )
Check user home directories for local initialization files group-owned by a group other than the user's primary group or root.
1. List user accounts and their primary GID.
# cut -d : -f 1,4 /etc/passwd

2. Check local initialization files for each user.
# ls -al //.login
# ls -al //.cshrc
# ls -al //.logout
# ls -al //.profile
# ls -al //.bash_profile
# ls -al //.bashrc
# ls -al //.bash_logout
# ls -al //.env
# ls -al //.dtprofile
# ls -al //.dispatch
# ls -al //.emacs
# ls -al //.exrc
# find //.dt ! -fstype nfs ! -group -exec ls -ld {} \;

3. If any file is not group-owned by root or the user's primary GID, this is a finding.

Fix Text (F-30184r1_fix)
Change the group-owner of the local initialization file to the user's primary group, or root.
# chgrp [USER's primary GID] ~USER/[local initialization file]