Check: APPL-12-002066
Apple macOS 12 (Monterey) STIG:
APPL-12-002066
(in versions v1 r9 through v1 r1)
Title
The macOS system must not allow an unattended or automatic logon to the system. (Cat II impact)
Discussion
Failure to restrict system access to authenticated users negatively impacts operating system security.
Check Content
To check if the system is configured to automatically log on, run the following command: /usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep DisableAutoLoginClient If "com.apple.login.mcx.DisableAutoLoginClient" is not set to "1", this is a finding.
Fix Text
This setting is enforced using the "Login Window Policy" configuration profile.
Additional Identifiers
Rule ID: SV-252515r991591_rule
Vulnerability ID: V-252515
Group Title: SRG-OS-000480-GPOS-00229
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000366 |
Implement the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| CM-6 |
Configuration Settings |