Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The system must verify that package updates are digitally signed.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-219997 | SOL-11.1-020020 | SV-219997r854557_rule | Medium |
| Description |
|---|
| Digitally signed packages ensure that the source of the package can be identified. |
| STIG | Date |
|---|---|
| Solaris 11 x86 Security Technical Implementation Guide | 2024-02-02 |
Details
| Check Text ( C-21707r372520_chk ) |
|---|
| Determine what the signature policy is for pkg publishers: # pkg property | grep signature-policy Check that output produces: signature-policy verify If the output does not confirm that signature-policy verify is active, this is a finding. |
| Fix Text (F-21706r372521_fix) |
|---|
| The Software Installation Profile is required. Configure the package system to ensure that digital signatures are verified. # pfexec pkg set-property signature-policy verify |