Check: OSX8-00-00435
Apple OSX 10.8 STIG:
OSX8-00-00435
(in version v1 r2)
Title
The operating system must limit privileges to change software resident within software libraries (including privileged programs). (Cat II impact)
Discussion
When dealing with change control issues, it should be noted that any changes to the hardware, software, and/or firmware components of the operating system can potentially have significant effects on the overall security of the system. Only qualified and authorized individuals must be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.
Check Content
To check the permissions and ownership of the system files and make sure they haven't changed from the original installation, run the following command: sudo diskutil verifyPermissions / Any results indicating User/Group/Permissions differ is a finding.
Fix Text
To correct ownership and permissions of files found in the check, run the following command: sudo diskutil repairPermissions /
Additional Identifiers
Rule ID: SV-65643r1_rule
Vulnerability ID: V-51433
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001499 |
The organization limits privileges to change software resident within software libraries. |
Controls
Number | Title |
---|---|
CM-5 (6) |
Limit Library Privileges |