The macOS system must be configured to disable hot corners.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-230749 | APPL-11-000007 | SV-230749r599842_rule | Medium |
| Description |
|---|
| Although hot corners can be used to initiate a session lock or launch useful applications, they can also be configured to disable an automatic session lock from initiating. Such a configuration introduces the risk that a user might forget to manually lock the screen before stepping away from the computer. |
| STIG | Date |
|---|---|
| Apple macOS 11 (Big Sur) Security Technical Implementation Guide | 2022-02-16 |
Details
| Check Text ( C-33694r607133_chk ) |
|---|
| To check if the system is configured to disable hot corners, run the following commands: /usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep wvous If the return is null, or does not equal: "wvous-bl-corner = 0 wvous-br-corner = 0; wvous-tl-corner = 0; wvous-tr-corner = 0;" this is a finding. |
| Fix Text (F-33667r607134_fix) |
|---|
| This setting is enforced using the "Custom Policy" configuration profile. |