From 470fbc209f523d80f06367f010d5086d2f8443eb Mon Sep 17 00:00:00 2001
From: Bob Gendler
Date: Fri, 28 Oct 2022 09:55:10 -0400
Subject: [PATCH] refactor[rules]: Removed and edited
* Removed system_settings_bluetooth_unpaired_disable
* Edited title and discussion for - os_rapid_security_response_removal_disable - system_settings_time_server_enforce
---
 ...pid_security_response_removal_disable.yaml | 2 +-
 ...m_settings_bluetooth_unpaired_disable.yaml | 51 -------------------
 .../system_settings_time_server_enforce.yaml | 4 +-
 3 files changed, 3 insertions(+), 54 deletions(-)
 delete mode 100644 rules/system_settings/system_settings_bluetooth_unpaired_disable.yaml
diff --git a/rules/os/os_rapid_security_response_removal_disable.yaml b/rules/os/os_rapid_security_response_removal_disable.yaml
index 275080e8..f49a0021 100644
--- a/rules/os/os_rapid_security_response_removal_disable.yaml
+++ b/rules/os/os_rapid_security_response_removal_disable.yaml
@@ -1,5 +1,5 @@
 id: os_rapid_security_response_removal_disable
-title: "Disable user ability from being able to undo the responses"
+title: "Disable User Ability from Being Able to Undo Rapid Security Responses"
 discussion: |
 Rapid security response (RSR) mechanism _MUST_ be enabled and the ability for the user to disable RSR _MUST_ be disabled.
 check: |
diff --git a/rules/system_settings/system_settings_bluetooth_unpaired_disable.yaml b/rules/system_settings/system_settings_bluetooth_unpaired_disable.yaml
deleted file mode 100644
index cc04f58f..00000000
--- a/rules/system_settings/system_settings_bluetooth_unpaired_disable.yaml
+++ /dev/null
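Review bot: The new title in os_rapid_security_response_removal_disable.yaml still carries the redundant "Ability from Being Able to", and it says "Undo" where the rule id says removal and the unchanged discussion line says "disable RSR". Using one term throughout would make the rule easier to find and audit, for example `title: "Disable User Ability to Remove Rapid Security Responses"`. The check body lies outside the hunk, so which action it actually tests cannot be confirmed from here.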
@@ -1,51 +0,0 @@
-id: system_settings_bluetooth_unpaired_disable
-title: "Disable Bluetooth When No Devices are Paired"
-discussion: |
- Bluetooth _MUST_ be disabled when no devices are paired.
-check: |
- isPaired=$(/usr/sbin/system_profiler SPBluetoothDataType 2>/dev/null | /usr/bin/grep -c 'Connected: Yes')
- if [[ "$isPaired" = "0" ]]; then
- powerState=$(/usr/sbin/system_profiler SPBluetoothDataType 2>/dev/null | /usr/bin/grep -c 'State: On')
- /bin/echo "$powerState"
- else
- /bin/echo "0"
- fi
-result:
- integer: 0
-fix: |
- [source,bash]
- ----
- /usr/bin/defaults write /private/var/root/Library/Preferences/com.apple.BTServer.plist defaultPoweredState off
- /usr/bin/killall -HUP bluetoothd
- ----
-references:
- cce:
- - CCE-91941-5
- cci:
- - N/A
- 800-53r5:
- - AC-18
- - SC-8
- - AC-18(3)
- 800-53r4:
- - AC-18(3)
- - SC-8
- srg:
- - N/A
- disa_stig:
- - N/A
- 800-171r2:
- - N/A
- cis:
- benchmark:
- - N/A
- controls v8:
- - 4.8
- - 12.6
- - 13.9
-macOS:
- - "13.0"
-tags:
- - none
-mobileconfig: false
-mobileconfig_info:
\ No newline at end of file
diff --git a/rules/system_settings/system_settings_time_server_enforce.yaml b/rules/system_settings/system_settings_time_server_enforce.yaml
index ad463528..a498631a 100644
--- a/rules/system_settings/system_settings_time_server_enforce.yaml
+++ b/rules/system_settings/system_settings_time_server_enforce.yaml
@@ -1,7 +1,7 @@
 id: system_settings_time_server_enforce
-title: "Enable macOS Time Synchronization Daemon (timed)"
+title: "Enforce macOS Time Synchronization"
 discussion: |
- The timed service _MUST_ be enabled on all networked systems and configured to set time automatically from the approved time server.
+ Time synchronization _MUST_ be enforced on all networked systems.
 This rule ensures the uniformity of time stamps for information systems with multiple system clocks and systems connected over a network.
 check: |
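Review bot: The rewritten discussion in system_settings_time_server_enforce.yaml drops the requirement that time be set from the approved time server, leaving only "Time synchronization _MUST_ be enforced", which does not say against which source. The rule id still ends in `time_server_enforce`, and the check body lies outside the hunk, so if it still verifies a configured server the discussion should keep that, for example `Time synchronization _MUST_ be enforced on all networked systems using the approved time server.` Naming the source matters to an auditor, because timestamps synchronized to an unapproved server weaken the log correlation the next sentence of the discussion relies on.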