STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 10 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Solaris 11 X86 Security Technical Implementation Guide

V-216202

CAT III (Low)

The operating system must reveal error messages only to authorized personnel.

Rule ID

SV-216202r958566_rule

STIG

Solaris 11 X86 Security Technical Implementation Guide

Version

V3R5

CCIs

CCI-001314

Discussion

Proper file permissions and ownership ensures that only designated personnel in the organization can access error messages.

Check Content

Check the permissions of the /var/adm/messages file:
# ls -l /var/adm/messages

Check the permissions of the /var/adm directory:
# ls -ld /var/adm

If the owner and group of /var/adm/messages is not root and the permissions are not 640, this is a finding.

If the owner of /var/adm is not root, group is not sys, and the permissions are not 750, this is a finding.

Fix Text

The root role is required.

Change the permissions and owner on the /var/adm/messages file:

# chmod 640 /var/adm/messages
# chown root /var/adm/messages
# chgrp root /var/adm/messages

Change the permissions and owner on the /var/adm directory:

# chmod 750 /var/adm
# chown root /var/adm
# chgrp sys /var/adm