The rexec service must be disabled.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-51481	OSX8-00-00035	SV-65691r1_rule		High

Description
Remote network access is accomplished by leveraging common communication protocols and establishing a remote connection. These connections will occur over the public Internet. Remote access is any access to an organizational information system by a user (or an information system) communicating through an external, non-organization-controlled network (e.g., the Internet). Examples of remote access methods include dial-up, broadband, and wireless. Using cryptography ensures confidentiality of the remote access connections.

Description

Remote network access is accomplished by leveraging common communication protocols and establishing a remote connection. These connections will occur over the public Internet. Remote access is any access to an organizational information system by a user (or an information system) communicating through an external, non-organization-controlled network (e.g., the Internet). Examples of remote access methods include dial-up, broadband, and wireless. Using cryptography ensures confidentiality of the remote access connections.

STIG	Date
Apple OS X 10.8 (Mountain Lion) Workstation STIG	2015-02-10

Details

Check Text ( C-53823r1_chk )
The service "rexec" should be disabled, to check the status of the service, run the following command: sudo defaults read /System/Library/LaunchDaemons/exec Disabled If the result is not "1", this is a finding.

Fix Text (F-56283r1_fix)
To set the "rexec" service to disabled, run the following command: sudo defaults write /System/Library/LaunchDaemons/exec Disabled 1