STIGQter STIGQter: STIG Summary: Solaris 10 SPARC Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

The owner, group owner, mode, ACL, and location of files with the setuid bit set must be documented using site-defined procedures.

DISA Rule

SV-226579r603265_rule

Vulnerability Number

V-226579

Group Title

SRG-OS-000480

Rule Version

GEN002380

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Document the files with the setuid bit set or unset the setuid bit on the executable.

Check Contents

Files with the setuid bit set will allow anyone running these files to be temporarily assigned the user or group ID of the file. If an executable with setuid allows shell escapes, the user can operate on the system with the effective permission rights of the user or group owner.

List all setuid files on the system.
Procedure:
# find / -perm -4000 -exec ls -l {} \; | more

NOTE: Executing these commands may result in large listings of files; the output may be redirected to a file for easier analysis.

Ask the SA or IAO if files with the setuid bit set have been documented. If any undocumented file has its setuid bit set, this is a finding.

Vulnerability Number

V-226579

Documentable

False

Rule Version

GEN002380

Severity Override Guidance

Files with the setuid bit set will allow anyone running these files to be temporarily assigned the user or group ID of the file. If an executable with setuid allows shell escapes, the user can operate on the system with the effective permission rights of the user or group owner.

List all setuid files on the system.
Procedure:
# find / -perm -4000 -exec ls -l {} \; | more

NOTE: Executing these commands may result in large listings of files; the output may be redirected to a file for easier analysis.

Ask the SA or IAO if files with the setuid bit set have been documented. If any undocumented file has its setuid bit set, this is a finding.

Check Content Reference

M

Target Key

4060

Comments