STIGQter: STIG Summary: Solaris 11 X86 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

World-writable files must not exist.

DISA Rule

SV-216197r603268_rule

Vulnerability Number

V-216197

Group Title

SRG-OS-000480

Rule Version

SOL-11.1-070180

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

The root role is required.

Change the permissions of the files identified in the check step to remove the world-writable permission.

# pfexec chmod o-w [filename]

Check Contents

The root role is required.

Check for the existence of world-writable files.

# find / \( -fstype nfs -o -fstype cachefs -o -fstype autofs \
-o -fstype ctfs -o -fstype mntfs -o -fstype objfs \
-o -fstype proc \) -prune -o -type f -perm -0002 -print
If output is produced, this is a finding.

Vulnerability Number

V-216197

Documentable

False

Rule Version

SOL-11.1-070180

Severity Override Guidance

The root role is required.

Check for the existence of world-writable files.

# find / \( -fstype nfs -o -fstype cachefs -o -fstype autofs \
-o -fstype ctfs -o -fstype mntfs -o -fstype objfs \
-o -fstype proc \) -prune -o -type f -perm -0002 -print
If output is produced, this is a finding.

Check Content Reference

M

Target Key

4021

Comments