Bug ID: 4917108 /var/adm/loginlog, /var/adm/sulog should exist by default

Bug ID	4917108
Synopsis	/var/adm/loginlog, /var/adm/sulog should exist by default
State	4-Defer:No Resource Available (Accepted, but the fix may not be made soon.)
Category:Subcategory	utility:security
Keywords	SOOTB \| gse-sec-team \| sbd \| sol-sec-guide
Reported Against	5.10
Duplicate Of
Introduced In
Commit to Fix
Fixed In
Release Fixed
Related Bugs
Submit Date	4-September-2003
Last Update Date	18-March-2009
Description	The /var/adm/loginlog should exist by default. Per the manual page: > After five unsuccessful login attempts, all the attempts are > logged in the file /var/adm/loginlog. This file contains one > record for each failed attempt. Each record contains the > login name, tty specification, and time. From a security perspective, it would be very useful if this file were created by default. Is there any reason why this is not already the case? It should not be incumbant on the administrator to have to create this file - which most often would be done after the admin needed it in the first place. Further, this could help eliminate some of the post-installation work that is typically done to improve the security of the system by tools such as the Solaris Security Toolkit as well as third-party and customer developed tools. This is an area where we should be able to make Solaris more secure out of the box without much impact on the system or its resources. xxxxx@xxxxx.com 2003-09-03 xxxxx@xxxxx.com 2003-10-08
Work Around	N/A
Comments	N/A

OpenSolaris