Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-35635 | SRG-APP-000240-MAPP-NA | SV-46922r1_rule | Medium |
Description |
---|
Organizations may require applications or application components to be non-modifiable or to be stored and executed on non-writeable storage. Use of non-modifiable storage ensures the integrity of the software program from the point of creation of the read-only image and eliminates the possibility of malicious code insertion. Rationale for non-applicability: This control conflicts with a core requirement that mobile applications be modifiable. The primary means for updating the configuration of mobile applications is to replace the entire application. |
STIG | Date |
---|---|
Mobile Application Security Requirements Guide | 2013-01-04 |
Check Text ( C-43978r1_chk ) |
---|
This requirement is NA for the MAPP SRG. |
Fix Text (F-40177r1_fix) |
---|
The requirement is NA. No fix is required. |