Apple File Sharing must be disabled.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-51633	OSX8-00-00140	SV-65843r1_rule		Medium

Description
Depending on the information sharing circumstance, the sharing partner may be defined at the individual, group, or organization level and information may be defined by specific content, type, or security categorization. The operating system must restrict data in some manner (e.g., privileged medical, contract-sensitive, proprietary, personally identifiable information, special access programs/compartments) and must provide the capability to automatically enable authorized users to make information sharing decisions based upon access authorizations.

Description

Depending on the information sharing circumstance, the sharing partner may be defined at the individual, group, or organization level and information may be defined by specific content, type, or security categorization. The operating system must restrict data in some manner (e.g., privileged medical, contract-sensitive, proprietary, personally identifiable information, special access programs/compartments) and must provide the capability to automatically enable authorized users to make information sharing decisions based upon access authorizations.

STIG	Date
Apple OS X 10.8 (Mountain Lion) Workstation STIG	2015-02-10

Details

Check Text ( C-53945r2_chk )
To check if file sharing is disabled, run the following command: sudo /usr/libexec/PlistBuddy -c "print com.apple.AppleFileServer:Disabled" /var/db/launchd.db/com.apple.launchd/overrides.plist If the returned value isn't "true" or doesn't exist, this is a finding.

Fix Text (F-56435r1_fix)
To disable file sharing, run the following command: sudo defaults write /private/var/db/launchd.db/com.apple.launchd/overrides.plist "com.apple.AppleFileServer" '{ "Disabled" = 1; }'