Title

The operating system must protect audit tools from unauthorized deletion. (Cat II impact)

Discussion

Failure to maintain system configurations may result in privilege escalation.

Check Content

The Software Installation Profile is required. Determine what the signature policy is for pkg publishers: # pkg property | grep signature-policy Check that output produces: signature-policy verify If the output does not confirm that signature-policy verify is active, this is a finding. Check that package permissions are configured and signed per vendor requirements. # pkg verify If the command produces any output unrelated to STIG changes, this is a finding. There is currently a Solaris 11 bug 16267888 which reports pkg verify errors for a variety of python packages. These can be ignored.

Fix Text

The Software Installation Profile is required. Configure the package system to ensure that digital signatures are verified. # pfexec pkg set-property signature-policy verify Check that package permissions are configured per vendor requirements. # pfexec pkg verify If any errors are reported unrelated to STIG changes, use: # pfexec pkg fix to bring configuration settings and permissions into factory compliance.

Additional Identifiers

Rule ID: SV-216284r603267_rule

Vulnerability ID: V-216284

Group Title: SRG-OS-000258

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.