UCF STIG Viewer Logo

The mobile operating system must prevent the user of the device from directly administering UIDs, file permissions, and system configuration files, and from starting and stopping system processes.


Overview

Finding ID Version Rule ID IA Controls Severity
V-33113 SRG-OS-000133-MOS-000075 SV-43511r1_rule High
Description
If the user of the device can perform management functions, the user could modify the device configuration to degrade the IA posture of the device. Preventing such activity mitigates the risk of this vulnerability.
STIG Date
Mobile Operating System Security Requirements Guide 2013-07-03

Details

Check Text ( C-41372r1_chk )
Navigate the mobile operating system and applications to determine if it is possible to directly administer UIDs, file permissions, and system configuration files. Also do this to determine if it is possible to start or stop system processes. The presence of applications that launch a command line shell is an indicator that this may be possible. If any of the listed management functions can be performed, this is a finding.
Fix Text (F-37013r1_fix)
Configure the mobile operating system to prevent the user of the device from directly administering UIDs, file permissions, and system configuration files, and from starting and stopping system processes.