From SOLARIS 10 SPARC SECURITY TECHNICAL IMPLEMENTATION GUIDE
Part of GEN001475
Associated with IA controls: ECLP-1
Associated with: CCI-000225
Group passwords are typically shared and should not be used. Additionally, if password hashes are readable by non-administrators, the passwords are subject to attack through lookup tables or cryptographic weaknesses in the hashes.
Check the /etc/group file for password hashes. Procedure: # cut -d : -f 2 /etc/group | egrep -v '^(x|!)$' If any password hashes are returned, this is a finding. If no password hashes are returned, there is no finding.
Edit /etc/group and change the password field to an exclamation point (!) to lock the group password.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer