The mobile operating system must prohibit modifications to software libraries unless performed as part of a software installation or update from a trusted source.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-33270 | SRG-OS-000259-MOS-000129 | SV-43689r1_rule | Medium |
| Description |
|---|
| When dealing with change control issues, it should be noted that any changes to the hardware, software, and/or firmware components of the operating system can potentially have significant effects on the overall security of the system. Only authorized individuals must be allowed to obtain access to mobile device components for purposes of initiating changes, including upgrades and modifications. |
| STIG | Date |
|---|---|
| Mobile Operating System Security Requirements Guide | 2013-07-03 |
Details
| Check Text ( C-41567r1_chk ) |
|---|
| Examine the mobile operating system configuration for prohibiting modifications to software libraries unless performed as part of a software installation or update from a trusted source. If modifications are allowed to software libraries outside of software installation or update, this is a finding. |
| Fix Text (F-37200r1_fix) |
|---|
| Configure the mobile operating system to prohibit modifications to software libraries unless performed as part of a software installation or update from a trusted source. |