Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The operating system must protect audit tools from unauthorized access.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-47885 | SOL-11.1-020030 | SV-60757r1_rule | Medium |
| Description |
|---|
| Failure to maintain system configurations may result in privilege escalation. |
| STIG | Date |
|---|---|
| Solaris 11 X86 Security Technical Implementation Guide | 2015-12-07 |
Details
| Check Text ( C-50321r1_chk ) |
|---|
| The Software Installation Profile is required. Determine what the signature policy is for pkg publishers: # pkg property | grep signature-policy Check that output produces: signature-policy verify If the output does not confirm that signature-policy verify is active, this is a finding. Check that package permissions are configured and signed per vendor requirements. # pkg verify If the command produces any output unrelated to STIG changes, this is a finding. There is currently a Solaris 11 bug 16267888 which reports pkg verify errors for a variety of python packages. These can be ignored. |
| Fix Text (F-51497r1_fix) |
|---|
| The Software Installation Profile is required. Configure the package system to ensure that digital signatures are verified. # pfexec pkg set-property signature-policy verify Check that package permissions are configured per vendor requirements. # pfexec pkg verify If any errors are reported unrelated to STIG changes, use: # pfexec pkg fix to bring configuration settings and permissions into factory compliance. |