Check: GEN008800
Solaris 10 SPARC STIG:
GEN008800
(in versions v2 r4 through v1 r19)
Title
The system package management tool must cryptographically verify the authenticity of software packages during installation. (Cat III impact)
Discussion
To prevent the installation of software from unauthorized sources, the system package management tool must use cryptographic algorithms to verify the packages are authentic.
Check Content
Verify package signature validation is not disabled.
# grep "authentication=quit" /var/sadm/install/admin/default
If no configuration is returned, this is a finding.
Fix Text
Edit /var/sadm/install/admin/default and set the authentication setting to quit.
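The grep in the check content also matches a commented-out line such as #authentication=quit. A stricter form of the same check follows as an added example that is not part of the STIG text. The function names are hypothetical, it assumes settings are written as keyword=value with # starting a comment line, and the sample file is constructed.

```shell
#!/bin/sh
# Added example, not part of the STIG. The path is the one named in the check text.
ADMIN_FILE="${ADMIN_FILE:-/var/sadm/install/admin/default}"

# Print the value of every active (uncommented) authentication= line.
# Assumption: settings are written as keyword=value with no spaces around "=".
active_auth_values() {
    awk '
        /^[ \t]*#/ { next }                        # commented-out setting: ignore
        /^[ \t]*authentication=/ {
            sub(/^[ \t]*authentication=/, "")      # keep only the value
            sub(/[ \t\r]+$/, "")                   # trim trailing whitespace / CR
            print
        }
    ' "$1"
}

# check_pkg_auth [FILE]: 0 = not a finding, 1 = finding, 2 = file unreadable.
check_pkg_auth() {
    file="${1:-$ADMIN_FILE}"
    if [ ! -r "$file" ]; then
        echo "FINDING: cannot read $file"; return 2
    fi
    values=$(active_auth_values "$file")
    if [ -z "$values" ]; then
        echo "FINDING: no active authentication= setting in $file"; return 1
    fi
    # Any active value other than exactly "quit" is treated as a finding.
    bad=$(printf '%s\n' "$values" | grep -v -x 'quit' || true)
    if [ -n "$bad" ]; then
        echo "FINDING: authentication set to: $bad"; return 1
    fi
    echo "OK: authentication=quit in $file"; return 0
}

# Constructed sample: the commented line satisfies the plain grep but not this check.
sample=$(mktemp)
printf '%s\n' 'mail=' '#authentication=quit' 'authentication=nocheck' > "$sample"
check_pkg_auth "$sample" || echo "(exit status $?)"
rm -f "$sample"
```

Call check_pkg_auth with no argument to evaluate the file named in the check content.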
Additional Identifiers
Rule ID: SV-227076r854455_rule
Vulnerability ID: V-227076
Group Title: SRG-OS-000366
CCIs
Number | Definition |
---|---|
CCI-001749 | The information system prevents the installation of organization-defined software components without verification the software component has been digitally signed using a certificate that is recognized and approved by the organization. |
Controls
Number | Title |
---|---|
CM-5 (3) | Signed Components |