Product:
IBM BigFix Compliance
Title:
Updated DISA STIG Checklist for Solaris 10 to support a more recent version of benchmark
Security Benchmark:
Solaris 10 STIG Version 1, Release 18
Published Sites:
DISA STIG Checklist for Solaris 10 – RG03, site version 8
(The site version is provided for air-gap customers.)
Changelist:
• GEN007700 Removed.
• GEN001902 Fixed parameter that should be LD_PRELOAD, not LD_LOAD.
• GEN002280 Added some device files in /dev to default EXCLUDEFILES.
• GEN001840 $PATH is no longer allowed in PATH in initialization files.
• GEN001845 $LD_LIBRARY_PATH is no longer allowed in LD_LIBRARY_PATH
in initialization files.
• GEN001850 $LD_PRELOAD is no longer allowed in LD_PRELOAD in
initialization files.
• GEN000242 This check only applies to global zone.
• DISA has also updated various fixlet descriptions.
Details:
• Both analysis and remediation checks are included
• Some of the checks allow you to use the parameterized setting to enable customization for compliance evaluation. Note that parameterization and remediation actions require the creation of a custom site.
Actions to take:
• If you are already subscribed to this site, no action is needed.
• To subscribe to the above site, you can use the License Overview Dashboard to enable and gather the site. Note that you must be entitled to the BigFix Compliance product and you must be using IBM BigFix version 9.2 and later.
More information:
To know more about the IBM BigFix Compliance SCM checklists, please see the following resources:
• IBM Developer Works:
https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/SCM%20Checklists
• IBM BigFix Blog:
https://www.ibm.com/developerworks/community/blogs/a1a33778-88b7-452a-9133-c955812f8910?lang=en
• IBM BigFix Forum:
https://forum.bigfix.com/c/release-announcements/compliance
We hope you find this latest release of SCM content useful and effective. Thank you!
– The IBM BigFix Compliance team