STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 4 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Solaris 11 X86 Security Technical Implementation Guide

V-219998

CAT II (Medium)

The operating system must employ automated mechanisms, per organization-defined frequency, to detect the addition of unauthorized components/devices into the operating system.

Rule ID

SV-219998r958794_rule

STIG

Solaris 11 X86 Security Technical Implementation Guide

Version

V3R5

CCIs

CCI-001744

Discussion

Addition of unauthorized code or packages may result in data corruption or theft.

Check Content

The Software Installation Profile is required.

Display the installation history of packages on the system to ensure that no undesirable packages have been installed:

# pkg history -o finish,user,operation,command |grep install

If the install command is listed as "/usr/bin/packagemanager", execute the command:

# pkg history -l 

to determine which packages were installed during package manager sessions.

If undocumented or unapproved packages have been installed, this is a finding.

Fix Text

The Software Installation Profile is required.

Review and report any unauthorized package installation operations.

If necessary, remove unauthorized packages.

# pfexec pkg uninstall [package name]