[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

112965

 
 

909

 
 

88036

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-90338-5

Platform: macosx10.10Date: (C)2015-06-23   (M)2018-03-17



Set the Global Umask Setting for the System The default global umask setting must be set to '022' for system processes. The setting '022' ensures that system process created files and directories will only be readable by other users and processes, not writable. This mitigates the risk that unauthorized users might be able to write to files and directories created by system processes. A more restrictive setting could potentially break the normal functionality of the system.


Parameter: umask /etc/launchd.conf


Technical Mechanism: To view the umask setting, run the following command: umask If the setting is not '0022', this is a finding.

References:

Resource IdReference
NISTCM-6 b
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:25110


OVAL    1
oval:org.secpod.oval:def:25110
XCCDF    1
xccdf_org.secpod_benchmark_general_Mac_OS_X_10_10

© SecPod Technologies