STIGQter: STIG Summary: Solaris 10 SPARC Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

The sticky bit must be set on all public directories.

DISA Rule

SV-226584r603265_rule

Vulnerability Number

V-226584

Group Title

SRG-OS-000480

Rule Version

GEN002500

Severity

CAT III

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Set the sticky bit on all public directories.

Procedure:
# chmod 1777 /tmp

(Replace /tmp with the public directory missing the sticky bit, if necessary.)

Check Contents

Verify all world-writable directories have the sticky bit set.

Procedure:
# find / -type d -perm -002 ! -perm -1000 > wwlist

If the sticky bit is not set on a world-writable directory, this is a finding.

Vulnerability Number

V-226584

Documentable

False

Rule Version

GEN002500

Severity Override Guidance

Verify all world-writable directories have the sticky bit set.

Procedure:
# find / -type d -perm -002 ! -perm -1000 > wwlist

If the sticky bit is not set on a world-writable directory, this is a finding.

Check Content Reference

M

Target Key

4060

Comments