STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 10 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Solaris 11 X86 Security Technical Implementation Guide

V-216069

CAT II (Medium)

Run control scripts must not execute world writable programs or scripts.

Rule ID

SV-216069r959010_rule

STIG

Solaris 11 X86 Security Technical Implementation Guide

Version

V3R5

CCIs

CCI-000366

Discussion

World writable files could be modified accidentally or maliciously to compromise system integrity.

Check Content

Check the permissions on the files or scripts executed from system startup scripts to see if they are world writable.

Create a list of all potential run command level scripts.

# ls -l /etc/init.d/* /etc/rc* | tr '\011' ' ' | tr -s ' ' | cut -f 9,9 -d " "

Create a list of world writable files.

# find / -perm -002 -type f >> WorldWritableFileList

Determine if any of the world writeable files in "WorldWritableFileList" are called from the run command level scripts.

Note: Depending upon the number of scripts vs. world writable files, it may be easier to inspect the scripts manually.

# more `ls -l /etc/init.d/* /etc/rc* | tr '\011' ' ' | tr -s ' ' | cut -f 9,9 -d " "`

If any system startup script executes any file or script that is world writable, this is a finding.

Fix Text

Remove the world writable permission from programs or scripts executed by run control scripts.

Procedure:

# chmod o-w <program or script executed from run control script>