Security audit software flags /system/contract/process/<PID>/ctl entries as world-writable
(Doc ID 1308086.1)
Last updated on AUGUST 26, 2019
Applies to:
Solaris Operating System - Version 10 3/05 and laterInformation in this document applies to any platform.
Symptoms
Security auditing software flags the ctl entry in the /system/contract/process/<PID>/ directories as being a security risk, since they appear to be world-writable.
Below is an example directory listing showing the entry in question.
/system/contract/process/31> ls -l
total 0
--w--w--w- 1 root root 0 Mar 9 13:06 ctl
-r--r--r-- 1 root root 0 Mar 9 13:06 events
-r--r--r-- 1 root root 0 Mar 9 13:06 status
total 0
--w--w--w- 1 root root 0 Mar 9 13:06 ctl
-r--r--r-- 1 root root 0 Mar 9 13:06 events
-r--r--r-- 1 root root 0 Mar 9 13:06 status
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Cause |
Solution |