From 90ed20d91ed48ae69974a490683186cd70600b40 Mon Sep 17 00:00:00 2001 From: Allen Golbig Date: Sun, 21 Mar 2021 17:14:49 -0400 Subject: [PATCH] removed sysprefs_afp_disable --- baselines/800-53_high.yaml | 1 - baselines/800-53_low.yaml | 1 - baselines/800-53_moderate.yaml | 1 - rules/sysprefs/sysprefs_afp_disable.yaml | 41 ------------------------ 4 files changed, 44 deletions(-) delete mode 100644 rules/sysprefs/sysprefs_afp_disable.yaml diff --git a/baselines/800-53_high.yaml b/baselines/800-53_high.yaml index bed41163..14278db8 100644 --- a/baselines/800-53_high.yaml +++ b/baselines/800-53_high.yaml @@ -123,7 +123,6 @@ profile: - sysprefs_screensaver_timeout_enforce - sysprefs_firewall_enable - sysprefs_find_my_disable - - sysprefs_afp_disable - sysprefs_content_caching_disable - sysprefs_location_services_disable - sysprefs_time_server_configure diff --git a/baselines/800-53_low.yaml b/baselines/800-53_low.yaml index 8e029c62..c4283aee 100644 --- a/baselines/800-53_low.yaml +++ b/baselines/800-53_low.yaml @@ -100,7 +100,6 @@ profile: - sysprefs_rae_disable - sysprefs_firewall_enable - sysprefs_find_my_disable - - sysprefs_afp_disable - sysprefs_content_caching_disable - sysprefs_location_services_disable - sysprefs_diagnostics_reports_disable diff --git a/baselines/800-53_moderate.yaml b/baselines/800-53_moderate.yaml index 8216e699..c4bbad29 100644 --- a/baselines/800-53_moderate.yaml +++ b/baselines/800-53_moderate.yaml @@ -120,7 +120,6 @@ profile: - sysprefs_screensaver_timeout_enforce - sysprefs_firewall_enable - sysprefs_find_my_disable - - sysprefs_afp_disable - sysprefs_content_caching_disable - sysprefs_location_services_disable - sysprefs_time_server_configure diff --git a/rules/sysprefs/sysprefs_afp_disable.yaml b/rules/sysprefs/sysprefs_afp_disable.yaml deleted file mode 100644 index 57c913f7..00000000 --- a/rules/sysprefs/sysprefs_afp_disable.yaml +++ /dev/null @@ -1,41 +0,0 @@ -id: sysprefs_afp_disable -title: "Disable Apple Filing Protocol Sharing" -discussion: | - If the system does not require Apple Filing Protocol (AFP) Sharing, support it is non-essential and _MUST_ be disabled. - - The information system _MUST_ be configured to provide only essential capabilities. Disabling AFP helps prevent the unauthorized connection of devices and the unauthorized transfer of information. -check: | - /bin/launchctl print-disabled system | /usr/bin/grep -c '"com.apple.AppleFileServer" => true' -result: - integer: 1 -fix: | - [source,bash] - ---- - /bin/launchctl disable system/com.apple.AppleFileServer - ---- - The system may need to be restarted for the update to take effect. -references: - cce: - - CCE-85416-6 - cci: - - CCI-000381 - 800-53r4: - - AC-3 - srg: - - SRG-OS-000095-GPOS-00049 - disa_stig: - - APPL-11-002002 - 800-171r2: - - 3.1.1 - - 3.1.2 -macOS: - - "11.0" -tags: - - 800-171 - - cnssi-1253 - - 800-53r4_low - - 800-53r4_moderate - - 800-53r4_high - -mobileconfig: false -mobileconfig_info: \ No newline at end of file