The Bluetooth software driver must be removed.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-59539 | AOSX-10-000065 | SV-73969r1_rule | Low |
| Description |
|---|
| The Bluetooth kernel extension must be removed, as wireless access introduces unnecessary security risks. Removing Bluetooth support entirely mitigates this risk. |
| STIG | Date |
|---|---|
| Apple OS X 10.10 (Yosemite) Workstation Security Technical Implementation Guide | 2017-04-06 |
Details
| Check Text ( C-60309r1_chk ) |
|---|
| If Bluetooth connectivity is required to facilitate use of approved external devices, this is not applicable. To check if there are any hardware components for Bluetooth loaded in the system, run the following command: sudo kextstat | grep -i bluetooth If there is a result, this is a finding. |
| Fix Text (F-64949r1_fix) |
|---|
| Removing the kernel extensions for Bluetooth will remove the system's ability to load Bluetooth devices, use the following commands to remove them: sudo rm -rf /System/Library/Extensions/IOBluetoothFamily.kext /System/Library/Extensions/IOBluetoothHIDDriver.kext; sudo touch /System/Library/Extensions |