STIGQter: STIG Summary: Solaris 10 X86 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

The owner, group-owner, mode, ACL, and location of files with the setgid bit set must be documented using site-defined procedures.

DISA Rule

SV-227707r603266_rule

Vulnerability Number

V-227707

Group Title

SRG-OS-000480

Rule Version

GEN002440

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

All files with the setgid bit set will be documented in the system baseline and authorized by the Information Systems Security Officer. Locate all setgid files with the following command.

find / -perm -2000 -exec ls -lLd {} \;

Ensure setgid files are part of the operating system software, documented application software, documented utility software, or documented locally developed software. Ensure none are text files or shell programs.

Check Contents

Locate all setgid files on the system.

Procedure:
# find / -perm -2000

If the ownership, permissions, location, and ACLs of all files with the setgid bit set are not documented, this is a finding.

Vulnerability Number

V-227707

Documentable

False

Rule Version

GEN002440

Severity Override Guidance

Locate all setgid files on the system.

Procedure:
# find / -perm -2000

If the ownership, permissions, location, and ACLs of all files with the setgid bit set are not documented, this is a finding.

Check Content Reference

Target Key

4061

The owner, group-owner, mode, ACL, and location of files with the setgid bit set must be documented using site-defined procedures.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments