Check: APPL-11-002066
Apple macOS 11 (Big Sur) STIG:
APPL-11-002066
(in versions v1 r8 through v1 r1)
Title
The macOS system must not allow an unattended or automatic logon to the system. (Cat II impact)
Discussion
Failure to restrict system access to authenticated users negatively impacts operating system security.
Check Content
To check if the system is configured to automatically log on, run the following command: /usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep DisableAutoLoginClient If "com.apple.login.mcx.DisableAutoLoginClient" is not set to "1", this is a finding.
Fix Text
This setting is enforced using the "Login Window Policy" configuration profile.
Additional Identifiers
Rule ID: SV-230825r877377_rule
Vulnerability ID: V-230825
Group Title: SRG-OS-000480-GPOS-00229
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000366 |
The organization implements the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| CM-6 |
Configuration Settings |