STIGQter STIGQter: STIG Summary: Solaris 11 X86 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

All manual editing of system-relevant files shall be done using the pfedit command, which logs changes made to the files.

DISA Rule

SV-216234r603268_rule

Vulnerability Number

V-216234

Group Title

SRG-OS-000480

Rule Version

SOL-11.1-090240

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Advise the operators to use pdfedit or other appropriate command line tools to make system changes instead of vi, emacs, or gedit.

Oracle Solaris includes administrative configuration files which use pfedit, and the solaris.admin.edit/path_to_file authorization is not recommended. Alternate commands exist which are both domain-specific and safer. For example, for the /etc/passwd, /etc/shadow, or /etc/user_attr files, use instead passwd, useradd, userdel, or usermod. For the /etc/group file, use instead groupadd, groupdel, or groupmod. For updating /etc/security/auth_attr, /etc/security/exec_attr, or /etc/security/prof_attr, the preferred command is profiles.

Check Contents

Ask the operators if they use vi, emacs, or gedit to make changes to system files.

If vi, emacs, or gedit are used to make changes to system files, this is a finding.

Vulnerability Number

V-216234

Documentable

False

Rule Version

SOL-11.1-090240

Severity Override Guidance

Ask the operators if they use vi, emacs, or gedit to make changes to system files.

If vi, emacs, or gedit are used to make changes to system files, this is a finding.

Check Content Reference

M

Target Key

4021

Comments