STIGQter: STIG Summary: Solaris 11 SPARC Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The operating system must have no unowned files.

DISA Rule

SV-216436r603267_rule

Vulnerability Number

V-216436

Group Title

SRG-OS-000480

Rule Version

SOL-11.1-070200

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

The root role is required.

Correct or justify any items discovered in the Check step. Determine the existence of any files that are not attributed to current users or groups on the system, and determine the best course of action in accordance with site policy. Remove the files and directories or change their ownership.

Check Contents

The root role is required.

Identify all files that are owned by a user or group not listed in /etc/passwd or /etc/group

# find / \( -fstype nfs -o -fstype cachefs -o -fstype autofs \
-o -fstype ctfs -o -fstype mntfs -o -fstype objfs \
-o -fstype proc \) -prune \( -nouser -o -nogroup \) -ls

If output is produced, this is a finding.

Vulnerability Number

V-216436

Documentable

False

Rule Version

SOL-11.1-070200

Severity Override Guidance

The root role is required.

Identify all files that are owned by a user or group not listed in /etc/passwd or /etc/group

# find / \( -fstype nfs -o -fstype cachefs -o -fstype autofs \
-o -fstype ctfs -o -fstype mntfs -o -fstype objfs \
-o -fstype proc \) -prune \( -nouser -o -nogroup \) -ls

If output is produced, this is a finding.

Check Content Reference

M

Target Key

4022

Comments