The Photon operating system must only allow installation of packages signed by VMware.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-239104 | PHTN-67-000032 | SV-239104r675120_rule | Medium |
| Description |
|---|
| Installation of any non-trusted software, patches, service packs, device drivers, or operating system components can significantly affect the overall security of the operating system. This requirement ensures the software has not been tampered with and has been provided by VMware. |
| STIG | Date |
|---|---|
| VMware vSphere 6.7 Photon OS Security Technical Implementation Guide | 2021-04-15 |
Details
| Check Text ( C-42315r675118_chk ) |
|---|
| At the command line, execute the following command: # rpm -qa gpg-pubkey --qf "%{version}-%{release} %{summary}\n"|grep -v "66fd4949-4803fe57" If there is any output, an unsupported package has been installed and this is a finding. |
| Fix Text (F-42274r675119_fix) |
|---|
| Confirm with VMware support that this package is not supported (for potential package additions after STIG publication). At the command line, execute the following command: # rpm -e |