Finder must be set to always empty Trash securely.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-51271 | OSX8-00-01075 | SV-65481r1_rule | Low |
| Description |
|---|
| Finder must be set to always empty Trash securely. In Mac OS X Finder can be configured to always securely erase items placed in the Trash. This prevents data placed in the Trash from being restored. |
| STIG | Date |
|---|---|
| Apple OS X 10.8 (Mountain Lion) Workstation STIG | 2015-02-10 |
Details
| Check Text ( C-53619r1_chk ) |
|---|
| To check that the finder will only present the option to securely empty trash run the following command as the primary user: system_profiler SPConfigurationProfileDataType | grep EmptyTrashSecurely | awk '{ print $3 }' | sed 's/;//' If the result does not return a setting, or the setting is not "1", this is a finding. |
| Fix Text (F-56071r1_fix) |
|---|
| This should be enforced by a configuration profile. |