UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The operating system must disable information system functionality that provides the capability for automatic execution of code on mobile devices without user direction.


Overview

Finding ID Version Rule ID IA Controls Severity
V-47939 SOL-11.1-030060 SV-60811r1_rule Medium
Description
Mobile devices include portable storage media (e.g., USB memory sticks, external hard disk drives) and portable computing and communications devices with information storage capability (e.g., notebook/laptop computers, personal digital assistants, cellular telephones, digital cameras, audio recording devices). Auto execution vulnerabilities can result in malicious programs being automatically executed. Examples of information system functionality providing the capability for automatic execution of code are Auto Run and Auto Play. Auto Run and Auto Play are components of the Microsoft Windows operating system that dictate what actions the system takes when a drive is mounted. This requirement is designed to address vulnerabilities that arise when mobile devices such as USB memory sticks or other mobile storage devices are automatically mounted and applications are automatically invoked without user knowledge or acceptance.
STIG Date
Solaris 11 SPARC Security Technical Implementation Guide 2017-01-05

Details

Check Text ( C-50375r1_chk )
This check applies to the global zone only. Determine the zone that you are currently securing.

# zonename

If the command output is "global", this check applies.

Determine if the removable media volume manager is running.

# svcs -Ho state svc:/system/filesystem/rmvolmgr:default

If the output reports that the service is "online", this is a finding.
Fix Text (F-51551r1_fix)
The Service Management profile is required.

This action applies to the global zone only. Determine the zone that you are currently securing.

# zonename

If the command output is "global", this action applies.

Disable the rmvolmgr service.

# pfexec svcadm disable svc:/system/filesystem/rmvolmgr:default