Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
DCSL-1 System Library Management Controls
Overview
System libraries are managed and maintained to protect privileged programs and to prevent or minimize the introduction of unauthorized code.
| MAC / CONF | Impact | Subject Area |
|---|---|---|
| MACI MACII MACIII | Medium | Security Design and Configuration |
Details
| Threat |
|---|
| Without appropriate library management controls, unauthorized code can intentionally or inadvertently be added to information systems. Software versioning, access rights, etc. all work towards maintaining a known configuration. |
| Guidance |
|---|
| 1. Libraries shall be controlled by the CCB. 2. Access to libraries shall be restricted to a minimum number of individuals. 3. A library access log shall be maintained, preferably automated. |
References
- IEEE 12207.0, Industry Implementation of International Standard ISO/IEC 12207: 1995 (ISO/IEC 12207)) Standard for Information Technology - Software Life Cycle Processes, 01 March 1998