The operating system must employ automated mechanisms, per organization-defined frequency, to detect the addition of unauthorized components/devices into the operating system.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-219998 | SOL-11.1-020190 | SV-219998r958794_rule | CCI-001744 | medium |
| Description | ||||
| Addition of unauthorized code or packages may result in data corruption or theft. | ||||
| STIG | Date | |||
| Solaris 11 X86 Security Technical Implementation Guide | 2025-05-05 | |||
Details
Check Text (C-219998r958794_chk)
The Software Installation Profile is required.
Display the installation history of packages on the system to ensure that no undesirable packages have been installed:
# pkg history -o finish,user,operation,command |grep install
If the install command is listed as "/usr/bin/packagemanager", execute the command:
# pkg history -l
to determine which packages were installed during package manager sessions.
If undocumented or unapproved packages have been installed, this is a finding.
Fix Text (F-21707r372566_fix)
The Software Installation Profile is required.
Review and report any unauthorized package installation operations.
If necessary, remove unauthorized packages.
# pfexec pkg uninstall [package name]