GEN000000-SOL00300 - The Solaris system EEPROM security-mode parameter must be set to full or command mode.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

If the EEPROM security-mode parameter is not set to full or command, then unauthorized access to system EEPROM can take place. In normal situations, when the system is in a controlled access area and it is desirable to have it automatically reboot upon loss of and restoring of power, for instance, then command mode with the autoboot parameter set to true is recommended.

Solution

Set the system EEPROM security-mode parameter to full or command.

# eeprom security-mode=full
OR
# eeprom security-mode=command

The system will prompt the user for a password. This should be securely stored.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SOL_10_SPARC_V2R1_STIG.zip

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-7(9), CAT|II, CCI|CCI-000366, Rule-ID|SV-226419r505925_rule, STIG-ID|GEN000000-SOL00300, STIG-Legacy|SV-958, STIG-Legacy|V-958, Vuln-ID|V-226419

Plugin: Unix

Control ID: b13d453e7a32a003a70986429012d2d911027c3909d4e5d4829abbca0f8b69ca