SV-216113r603268_rule
V-216113
SRG-OS-000480
SOL-11.1-040320
CAT II
10
Determine if the rpc-authdes package is installed:
# pkg list solaris/legacy/security/rpc-authdes
If the output of this command is:
pkg list: no packages matching 'solaris/legacy/security/rpc-authdes' installed
no further action is required.
The root role is required.
Modify the /etc/default/keyserv file.
# pfedit /etc/default/keyserv
Locate the line:
#ENABLE_NOBODY_KEYS=YES
Change it to:
ENABLE_NOBODY_KEYS=NO
Determine if the rpc-authdes package is installed:
# pkg list solaris/legacy/security/rpc-authdes
If the output of this command is:
pkg list: no packages matching 'solaris/legacy/security/rpc-authdes' installed
no further action is required.
Determine if "nobody" access for keyserv is enabled.
# grep "^ENABLE_NOBODY_KEYS=" /etc/default/keyserv
If the output of the command is not:
ENABLE_NOBODY_KEYS=NO
this is a finding.
V-216113
False
SOL-11.1-040320
Determine if the rpc-authdes package is installed:
# pkg list solaris/legacy/security/rpc-authdes
If the output of this command is:
pkg list: no packages matching 'solaris/legacy/security/rpc-authdes' installed
no further action is required.
Determine if "nobody" access for keyserv is enabled.
# grep "^ENABLE_NOBODY_KEYS=" /etc/default/keyserv
If the output of the command is not:
ENABLE_NOBODY_KEYS=NO
this is a finding.
M
4021