usnistgov/macos_security
1
0
Fork 0
mirror of https://github.com/usnistgov/macos_security.git synced 2026-02-03 05:53:24 +00:00
Code Issues 21 Actions Packages Projects Releases Wiki Activity

Format problem in remediation of a number of 'os' section rules #228

New Issue
Closed
opened 2026-01-19 18:29:44 +00:00 by michael · 1 comment
michael commented 2026-01-19 18:29:44 +00:00
Owner
Copy Link

Originally created by @Honestpuck on GitHub.

Originally assigned to: @golbiga, @brodjieski on GitHub.

Summary

There are a number of rules in the os section that set a key in the mount-controls key in com.apple.systemuiserver While the mobileconfigs are generated properly there must be a minor format problem because in the guidance the remediation description just has the mount-controls key but not the sub key and settings array.

Steps to reproduce

Generate the all_rules guidance and go to section 9, you can see the error.

Operating System version

macOS 12.5.1 the dev_ventura branch.

What is the current bug behavior?

The remediation is just <key>mount-controls</key>

What is the expected correct behavior?

In the remediation it should have:

<key>mount-controls</key>
	<dict>
		<key>blankbd</key>
		<array>
			<string>alert</string>
			<string>eject</string>
		</array>
<dict>

Possible fixes

I tried to correct the format myself but couldn't manage it. If somebody can fix one I will copy it across the lot.

Originally created by @Honestpuck on GitHub. Originally assigned to: @golbiga, @brodjieski on GitHub. ### Summary There are a number of rules in the `os` section that set a key in the `mount-controls` key in `com.apple.systemuiserver` While the mobileconfigs are generated properly there must be a minor format problem because in the guidance the remediation description just has the `mount-controls` key but not the sub key and settings array. ### Steps to reproduce Generate the `all_rules` guidance and go to section 9, you can see the error. ### Operating System version macOS 12.5.1 the `dev_ventura` branch. ### What is the current *bug* behavior? The remediation is just `<key>mount-controls</key>` ### What is the expected *correct* behavior? In the remediation it should have: ``` <key>mount-controls</key> <dict> <key>blankbd</key> <array> <string>alert</string> <string>eject</string> </array> <dict> ``` ### Possible fixes I tried to correct the format myself but couldn't manage it. If somebody can fix one I will copy it across the lot.
michael commented 2026-01-19 18:29:44 +00:00
Author
Owner
Copy Link

@golbiga commented on GitHub:

This is fixed and merged into the os branches. It will get merged into main during the ventura release

@golbiga commented on GitHub: This is fixed and merged into the os branches. It will get merged into main during the ventura release
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
michael
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: usnistgov/macos_security#228
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?