STIGQter: STIG Summary: Solaris 11 X86 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The operating system must automatically terminate temporary accounts within 72 hours.

DISA Rule

SV-216087r603268_rule

Vulnerability Number

V-216087

Group Title

SRG-OS-000002

Rule Version

SOL-11.1-040020

Severity

CAT III

CCI(s)

• CCI-000016 - The information system automatically removes or disables temporary accounts after an organization-defined time period for each type of account.

Weight

10

Fix Recommendation

The User Security role is required.

Apply an expiration date to temporary users.

# pfexec usermod -e "[date]" [username]

Enter the date in the form mm/dd/yyyy such that it is within 72 hours.

Check Contents

The root role is required.

Determine if an expiration date is set for temporary accounts.

# logins -aox |awk -F: '($14 == "0") {print}'

This command produces a list of accounts with no expiration date set. If any of these accounts are temporary accounts, this is a finding.

# logins -aox |awk -F: '($14 != "0") {print}'

This command produces a list of accounts with an expiration date set as defined in the last field. If any accounts have a date that is not within 72 hours, this is a finding.

Vulnerability Number

V-216087

Documentable

False

Rule Version

SOL-11.1-040020

Severity Override Guidance

The root role is required.

Determine if an expiration date is set for temporary accounts.

# logins -aox |awk -F: '($14 == "0") {print}'

This command produces a list of accounts with no expiration date set. If any of these accounts are temporary accounts, this is a finding.

# logins -aox |awk -F: '($14 != "0") {print}'

This command produces a list of accounts with an expiration date set as defined in the last field. If any accounts have a date that is not within 72 hours, this is a finding.

Check Content Reference

M

Target Key

4021

Comments