BlackBerry 10 OS must grant a downloaded application only the permissions that DoD has authorized for that application.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-40714 | BB10-00-000300 | SV-52712r1_rule | High |
| Description |
|---|
| Mobile operating system applications that are able to perform unintended functions may be able to obtain sensitive information or otherwise compromise system security. The permissions that an application requires to perform its function may be delineated in a permissions manifest or in entitlements that are either bound to the application or embedded in its code. Enforcing these permissions limitations is necessary to ensure the application is not permitted to perform unintended functions. |
| STIG | Date |
|---|---|
| BlackBerry 10 OS Security Technical Implementation Guide | 2014-08-27 |
Details
| Check Text ( C-47040r1_chk ) |
|---|
| From the Work Space, navigate to "Settings -> Security and Privacy -> Application Permissions" and select "All" in the "Permissions" dropdown box. For each application, ensure the requested permissions (e.g., Location, Contacts, Shared Files, etc.) are set to "On" only for DoD authorized permissions. Otherwise, this is a finding. NOTE: If no applications are installed, this requirement is NA. |
| Fix Text (F-45636r1_fix) |
|---|
| From the Work Space, navigate to "Settings -> Security and Privacy -> Application Permissions" and select "All" in "Permissions" dropdown box. For each application, set requested permission (e.g. Location, Contacts, Shared Files, etc.) to "On" or "Off" as authorized by DoD. NOTE: This fix procedure affects both Personal and Work Spaces. |