usnistgov/macos_security
1
0
Fork 0
mirror of https://github.com/usnistgov/macos_security.git synced 2026-02-03 05:53:24 +00:00
Code Issues 21 Actions Packages Projects Releases Wiki Activity

Duplicate security controls and missing reference values in #252

New Issue
Closed
opened 2026-01-19 18:29:48 +00:00 by michael · 0 comments
michael commented 2026-01-19 18:29:48 +00:00
Owner
Copy Link

Originally created by @liquidoshin on GitHub.

Problem to solve

This is in regards to the big_sur branch in particular
• Bluetooth_prefpane_disable exists in both os and sysprefs folder and sysprefs_bluetooth_prefpane_disable and sysprefs_bluetooth_prefpane_hidden both have same value of “HiddenPreferencesPanes”

The following security controls don't contain a STIG entry in the references section. Almost all SC's, even if not relevant to a guidance, will have the guidance name and the value of n/a

• os_efi_integrity_validated
• os_password_hint_remove
• os_root_disable
• sysprefs_improve_siri_dictation_disable

• A security control seems to appear twice, os_apple_mobile_file_integrity_enforce and os_mobile_file_integrity_enable. Both have the same checks and fixes.

Intended users

All users. Unsure of whether to classify this as a bug or a feature.

Further details

Proposal

Documentation

Testing

What does success look like, and how can we measure that?

Links / references

Originally created by @liquidoshin on GitHub. ### Problem to solve ***This is in regards to the big_sur branch in particular*** • Bluetooth_prefpane_disable exists in both os and sysprefs folder and sysprefs_bluetooth_prefpane_disable and sysprefs_bluetooth_prefpane_hidden both have same value of “HiddenPreferencesPanes” The following security controls don't contain a STIG entry in the references section. Almost all SC's, even if not relevant to a guidance, will have the guidance name and the value of n/a • os_efi_integrity_validated • os_password_hint_remove • os_root_disable • sysprefs_improve_siri_dictation_disable • A security control seems to appear twice, os_apple_mobile_file_integrity_enforce and os_mobile_file_integrity_enable. Both have the same checks and fixes. ### Intended users All users. Unsure of whether to classify this as a bug or a feature. ### Further details <!-- Include use cases, benefits, and/or goals (contributes to our vision?) --> ### Proposal <!-- How are we going to solve the problem? --> ### Documentation <!-- Relevant documentation to the feature--> ### Testing <!-- What risks does this change pose? How might it affect the quality of the product? What additional test coverage or changes to tests will be needed? --> ### What does success look like, and how can we measure that? <!-- Define both the success metrics and acceptance criteria. Note that success metrics indicate the desired business outcomes, while acceptance criteria indicate when the solution is working correctly. If there is no way to measure success, link to an issue that will implement a way to measure this. --> ### Links / references <!-- Any relevant links or references -->
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
michael
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: usnistgov/macos_security#252
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?