UCF STIG Viewer Logo

BlackBerry 10 OS must grant a downloaded application only the permissions the AO has authorized for that application.


Overview

Finding ID Version Rule ID IA Controls Severity
V-47201 BB10-2X-000300 SV-60073r3_rule High
Description
Mobile operating system applications that are able to perform unintended functions may be able to obtain sensitive information or otherwise compromise system security. The permissions that an application requires to perform its function may be delineated in a permissions manifest or in entitlements that are either bound to the application or embedded in its code. Enforcing these permissions limitations is necessary to ensure the application is not permitted to perform unintended functions.
STIG Date
BlackBerry 10.2.x OS Security Technical Implementation Guide 2015-07-02

Details

Check Text ( C-50027r3_chk )
From the Work Space, navigate to "Settings >> Security and Privacy >> Application Permissions" and select "All" in the "Permissions" dropdown box.

For each application, ensure the requested permissions (e.g., Location, Contacts, Shared Files, etc.) are set to "On" only for AO authorized permissions.

Otherwise, this is a finding.

NOTE: If no applications are installed, this requirement is NA.
Fix Text (F-50905r5_fix)
From the Work Space, navigate to "Settings >> Security and Privacy >> Application Permissions" and select "All" in "Permissions" dropdown box.

For each application, set requested permission (e.g. Location, Contacts, Shared Files, etc.) to "On" or "Off" as identified by the AO.