The asetenv file YPCHECK variable must be set to true when NIS+ is configured.

From SOLARIS 10 SPARC SECURITY TECHNICAL IMPLEMENTATION GUIDE

Part of GEN000000-SOL00200

Associated with IA controls: ECSC-1

Associated with: CCI-000032 CCI-000366

SV-36750r1_rule The asetenv file YPCHECK variable must be set to true when NIS+ is configured.

Vulnerability discussion

If YPCHECK is not set to true in asetenv, then ypfiles may not be checked.

Check content

Perform the following to determine if ASET is configured to check NIS+. # grep YPCHECK /usr/aset/asetenv If NIS+ is running and the YPCHECK variable is set to false, then this is a finding.

Fix text

Edit the ASET configuration and set YPCHECK to true on systems running NIS. (If NIS+ is configured, YPCHECK must only be set to false to avoid going into NIS compatibility mode.) Configure NIS to use YPCHECK.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer