Check: SOL-11.1-020190
Solaris 11 x86 STIG:
SOL-11.1-020190
(in versions v2 r10 through v1 r10)
Title
The operating system must employ automated mechanisms, per organization-defined frequency, to detect the addition of unauthorized components/devices into the operating system. (Cat II impact)
Discussion
Addition of unauthorized code or packages may result in data corruption or theft.
Check Content
The Software Installation Profile is required. Display the installation history of packages on the system to ensure that no undesirable packages have been installed: # pkg history -o finish,user,operation,command |grep install If the install command is listed as "/usr/bin/packagemanager", execute the command: # pkg history -l to determine which packages were installed during package manager sessions. If undocumented or unapproved packages have been installed, this is a finding.
Fix Text
The Software Installation Profile is required. Review and report any unauthorized package installation operations. If necessary, remove unauthorized packages. # pfexec pkg uninstall [package name]
Additional Identifiers
Rule ID: SV-219998r854558_rule
Vulnerability ID: V-219998
Group Title: SRG-OS-000363
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-000416 |
The organization employs automated mechanisms, per organization-defined frequency, to detect the presence of unauthorized hardware, software, and firmware components within the information system. |
| CCI-001744 |
The information system implements organization-defined security responses automatically if baseline configurations are changed in an unauthorized manner. |