User start-up files must not contain the mesg -y or mesg y command.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-4088	GEN001960	SV-45163r1_rule	ECSC-1	Low

Description
The "mesg -y" or "mesg y" command turns on terminal messaging. On systems not defaulting to "mesg -n", the system profile (or equivalent) provides it. If the user changes this setting, write access may be provided to the terminal screen which could disrupt processing or cause enough confusion to result in damage to sensitive files. Educate users about the danger of having terminal messaging set turned on.

Description

The "mesg -y" or "mesg y" command turns on terminal messaging. On systems not defaulting to "mesg -n", the system profile (or equivalent) provides it. If the user changes this setting, write access may be provided to the terminal screen which could disrupt processing or cause enough confusion to result in damage to sensitive files. Educate users about the danger of having terminal messaging set turned on.

STIG	Date
SUSE Linux Enterprise Server v11 for System z	2012-12-13

Details

Check Text ( C-42507r1_chk )
# grep “mesg” $(find / -type f –name “.*”) If local initialization files contain the "mesg –y" or "mesg y" command, this is a finding.

Fix Text (F-38560r1_fix)
Edit the local initialization file(s) and remove the "mesg -y" or "mesg y" command.