2.6.2 Enable Gatekeeper

Information

Gatekeeper is Apple's application white-listing control that restricts downloaded applications from launching. It functions as a control to limit applications from unverified sources from running without authorization. Disallowing unsigned software will reduce the risk of unauthorized or malicious applications from running on the system.

Solution

Perform the following to implement the prescribed state: Open System Preferences Select Security & Privacy Select General Select Allow applications downloaded from: Mac App Store and identified developers Alternatively, perform the following to ensure the system is configured as: Run the following command in Terminal: sudo spctl --master-enable

See Also

https://workbench.cisecurity.org/files/299

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7(4)

Plugin: Unix

Control ID: d70b39d079c229a0bfaa982d190b2f34ae085e27fe391fa446287b73350dc9a8