STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Solaris 11 X86 Security Technical Implementation Guide

V-219998

CAT II (Medium)

The operating system must employ automated mechanisms, per organization-defined frequency, to detect the addition of unauthorized components/devices into the operating system.

Rule ID

SV-219998r958794_rule

STIG

Solaris 11 X86 Security Technical Implementation Guide

Version

V3R5

CCIs

CCI-001744

Discussion

Addition of unauthorized code or packages may result in data corruption or theft.

Check Content

The Software Installation Profile is required.

Display the installation history of packages on the system to ensure that no undesirable packages have been installed:

# pkg history -o finish,user,operation,command |grep install

If the install command is listed as "/usr/bin/packagemanager", execute the command:

# pkg history -l 

to determine which packages were installed during package manager sessions.

If undocumented or unapproved packages have been installed, this is a finding.

Fix Text

The Software Installation Profile is required.

Review and report any unauthorized package installation operations.

If necessary, remove unauthorized packages.

# pfexec pkg uninstall [package name]