← Back to Solaris 11 X86 Security Technical Implementation Guide

V-216108

CAT III (Low)

The value mesg n must be configured as the default setting for all users.

Rule ID

SV-216108r959010_rule

STIG

Solaris 11 X86 Security Technical Implementation Guide

Version

V3R5

CCIs

CCI-000366

Discussion

The "mesg n" command blocks attempts to use the "write" or "talk" commands to contact users at their terminals, but has the side effect of slightly strengthening permissions on the user's TTY device.

Check Content

Determine if "mesg n" is the default for users.

# grep "^mesg" /etc/.login

# grep "^mesg" /etc/profile

If either of these commands produces a line:
mesg y

this is a finding.

For each existing user on the system, enter the command:

# mesg

If the command output is:
is y

this is a finding.

Fix Text

The root role is required.

Edit the default profile configuration files.

# pfedit /etc/profile 
# pfedit /etc/.login

In each file add a new line:

mesg n

For each user on the system, enter the command:

# mesg n