2.3.2 Ensure Screen Saver Corners Are Secure - tr-corner

Information

Hot Corners can be configured to disable the screen saver by moving the mouse cursor to a corner of the screen.

Rationale:

Setting a hot corner to disable the screen saver poses a potential security risk since an unauthorized person could use this to bypass the login screen and gain access to the system.

Solution

Perform the following to disable a Hot Corner set to Disable Screen Saver:
Graphical Method:

Open System Preferences

Select Desktop & Screen Saver

Select Screen Saver

Select Hot Corners... and turn off any corner that is set to Disable Screen Saver

Terminal Method:
Run the following command to turn off Disable Screen Saver for a Hot Corner:

$ sudo -u <username> /usr/bin/defaults write com.apple.dock <corner that is set to '6'> -int 0

example:

$ sudo -u seconduser /usr/bin/defaults write com.apple.dock wvous-tl-corner -int 0

$ sudo -u seconduser /usr/bin/defaults read com.apple.dock wvous-tl-corner

0

Profile Method:

Create or edit a configuration profile with the PayLoadType of com.apple.dock

Add the key Forced

Set the key to the following:

<array>
<dict>
<key>mcx_preference_settings</key>
<dict>
<key>wvous-bl-corner</key>
<integer><!=6></integer>
<key>wvous-br-corner</key>
<integer><!=6></integer>
<key>wvous-tl-corner</key>
<integer><!=6></integer>
<key>wvous-tr-corner</key>
<integer><!=6></integer>
</dict>
</dict>
</array>

See Also

https://workbench.cisecurity.org/files/3644