Skip to content
Log In

Solaris 11 X86 Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-OS-000480

    Group
    Show

  • The system must not allow autologin capabilities from the GNOME desktop.

    As automatic logins are a known security risk for other than "kiosk" types of systems, GNOME automatic login should be disabled in pam.conf.
    Rule High Severity
    Show

  • SRG-OS-000480

    Group
    Show

  • SRG-OS-000480

    Group
    Show

  • SRG-OS-000480

    Group
    Show

  • SRG-OS-000480

    Group
    Show

  • User .netrc files must not exist.

    The .netrc file presents a significant security risk since it stores passwords in unencrypted form.
    Rule Medium Severity
    Show

  • SRG-OS-000480

    Group
    Show

  • The system must not allow users to configure .forward files.

    Use of the .forward file poses a security risk in that sensitive data may be inadvertently transferred outside the organization. The .forward file also poses a secondary risk as it can be used to e...
    Rule Medium Severity
    Show

  • SRG-OS-000480

    Group
    Show

  • SRG-OS-000480

    Group
    Show

  • SRG-OS-000480

    Group
    Show

  • SRG-OS-000480

    Group
    Show

  • The operating system must have no files with extended attributes.

    Attackers or malicious users could hide information, exploits, etc. in extended attribute areas. Since extended attributes are rarely used, it is important to find files with extended attributes se...
    Rule Low Severity
    Show

  • SRG-OS-000480

    Group
    Show

  • SRG-OS-000480

    Group
    Show

  • Logins to the root account must be restricted to the system console only.

    Use an authorized mechanism such as RBAC and the "su" command to provide administrative access to unprivileged accounts. These mechanisms provide an audit trail in the event of problems.
    Rule Medium Severity
    Show

  • SRG-OS-000025

    Group
    Show

  • The operating system, upon successful logon, must display to the user the date and time of the last logon (access).

    Users need to be aware of activity that occurs regarding their account. Providing users with information regarding the date and time of their last successful login allows the user to determine if a...
    Rule Low Severity
    Show

  • SRG-OS-000030

    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules