The system package management tool must cryptographically verify the authenticity of software packages during installation.
DISA Rule
SV-227076r603265_rule
Vulnerability Number
V-227076
Group Title
SRG-OS-000366
Rule Version
GEN008800
Severity
CAT III
CCI(s)
- CCI-001749 - The information system prevents the installation of organization-defined software components without verification the software component has been digitally signed using a certificate that is recognized and approved by the organization.
Weight
10
Fix Recommendation
Edit /var/sadm/install/admin/default and set the authentication setting to quit.
Check Contents
Verify package signature validation is not disabled.
# grep "authentication=quit" /var/sadm/install/admin/default
If no configuration is returned, this is a finding.
Vulnerability Number
V-227076
Documentable
False
Rule Version
GEN008800
Severity Override Guidance
Verify package signature validation is not disabled.
# grep "authentication=quit" /var/sadm/install/admin/default
If no configuration is returned, this is a finding.
Check Content Reference
M
Target Key
4060
Comments