Title

The macOS system must disable Unix-to-Unix Copy Protocol (UUCP) service. (Cat II impact)

Discussion

The system must not have the UUCP service active. UUCP, a set of programs that enables sending files between different Unix systems and sending commands to be executed on another system, is not essential and must be disabled to prevent unauthorized connection of devices, transfer of information, and tunneling. Note: UUCP service is disabled at startup by default with macOS.

Check Content

Verify the macOS system is configured to disable UUCP service with the following command: result="FAIL" enabled=$(/bin/launchctl print-disabled system | /usr/bin/grep '"com.apple.uucp" => enabled') running=$(/bin/launchctl print system/com.apple.uucp 2>/dev/null) if [[ -z "$running" ]] && [[ -z "$enabled" ]]; then result="PASS" elif [[ -n "$running" ]]; then result=result+" RUNNING" elif [[ -n "$enabled" ]]; then result=result+" ENABLED" fi echo $result If the result is not "PASS", this is a finding.

Fix Text

Configure the macOS system to disable UUCP service with the following command: /bin/launchctl bootout system/com.apple.uucp /bin/launchctl disable system/com.apple.uucp The system may need a restart for the update to take effect.

Additional Identifiers

Rule ID: SV-277089r1149391_rule

Vulnerability ID: V-277089

Group Title: SRG-OS-000080-GPOS-00048

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.