The operating system must employ automated mechanisms, per organization-defined frequency, to detect the addition of unauthorized components/devices into the operating system.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-47923	SOL-11.1-020190	SV-60795r1_rule		Medium

Description
Addition of unauthorized code or packages may result in data corruption or theft.

STIG	Date
Solaris 11 SPARC Security Technical Implementation Guide	2016-06-29

Details

Check Text ( C-50359r1_chk )
The Software Installation Profile is required. Display the installation history of packages on the system to ensure that no undesirable packages have been installed: # pkg history -o finish,user,operation,command \|grep install If the install command is listed as "/usr/bin/packagemanager", execute the command: # pkg history -l to determine which packages were installed during package manager sessions. If undocumented or unapproved packages have been installed, this is a finding.

Check Text ( C-50359r1_chk )

The Software Installation Profile is required.

Display the installation history of packages on the system to ensure that no undesirable packages have been installed:

# pkg history -o finish,user,operation,command |grep install

If the install command is listed as "/usr/bin/packagemanager", execute the command:

# pkg history -l

to determine which packages were installed during package manager sessions.

If undocumented or unapproved packages have been installed, this is a finding.

Fix Text (F-51535r1_fix)
The Software Installation Profile is required. Review and report any unauthorized package installation operations. If necessary, remove unauthorized packages. # pfexec pkg uninstall [package name]