6.2 Ensure Show All Filename Extensions Setting is Enabled

Information

A filename extension is a suffix added to a base filename that indicates the base filename's file format.

Rationale:

Visible filename extensions allow the user to identify the file type and the application it is associated with which leads to quick identification of misrepresented malicious files.

Impact:

The user of the system can open files of unknown or unexpected filetypes if the extension is not visible.

Solution

Graphical Method:
Perform the following steps to enable secure keyboard entries in Terminal:

Open the Applications folder

Open the Utilities folder

Open Terminal

Select Terminal in the Menu Bar

Set Secure Keyboard Entry to enabled

Terminal Method:

$ /usr/bin/sudo -u <username> /usr/bin/defaults write -app Terminal SecureKeyboardEntry -bool true

example:

$ /usr/bin/sudo -u firstuser /usr/bin/defaults write -app Terminal SecureKeyboardEntry -bool true

Profile Method:
Create or edit a configuration profile with the following information:

The PayloadType string is com.apple.Terminal

The key to include is SecureKeyboardEntry

The key must be set to <true/>

Note: Since the profile method sets a system-wide setting and not a user-level one, the profile method is the preferred method. It is always better to set system-wide than per user.

Default Value:

Filename extensions are turned off by default.

See Also

https://workbench.cisecurity.org/files/4178