Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-58273 | AOSX-09-000085 | SV-72703r1_rule | Medium |
Description |
---|
Applications should not be configured to launch automatically when a disk is inserted. This potentially circumvents anti-virus software and allows malicious users to craft disks that can exploit user applications. Disabling Automatic Actions for blank CDs mitigates this risk. |
STIG | Date |
---|---|
Apple OS X 10.9 (Mavericks) Workstation Security Technical Implementation Guide | 2017-01-05 |
Check Text ( C-59097r1_chk ) |
---|
To check if the system has the correct setting for blank CDs in the configuration profile, run the following command: system_profiler SPConfigurationProfileDataType | grep -A 2 'com.apple.digihub.blank.cd.appeared' If this is not defined or 'action' is not set to '1', this is a finding. |
Fix Text (F-63587r1_fix) |
---|
This setting is enforced using a configuration profile. |