Allow execution of binary or machine-executable code only in confined physical or virtual machine environments and with the explicit approval of [Assignment: organization-defined personnel or roles] when such code is:
(a) Obtained from sources with limited or no warranty; and/or
(b) Without the provision of source code.
|
|
| Control Identifier | CM-7(7) |
| Latest Sync Date | 19/12/24 09:18:14 |
| Discussion | Code execution in protected environments applies to all sources of binary or machine-executable code, including commercial software and firmware and open-source software. |
| Related Controls | CM-10, SC-44. |