Information
In macOS Monterey (12.0), Apple has added the capability to share content from another Apple device to the screen of a host Mac. While there are many valuable uses of this capability, such sharing on a standard Mac user workstation should be enabled ad hoc as required rather than allowing a continuous sharing service. The feature can be restricted by Apple ID or network and is configured to use by accepting the connection on the Mac. Part of the concern is frequent connection requests may function as a denial-of-service and access control limits may provide too much information to an attacker.
https://macmost.com/how-to-use-a-mac-as-an-airplay-receiver.html
https://support.apple.com/guide/mac-pro-rack/use-airplay-apdf1417128d/mac
Rationale:
This capability appears very useful for kiosk and shared work spaces. The ability to allow by network could be especially useful on segregated guest networks where visitors could share their screens on computers with bigger monitors, including computers connected to projectors.
Impact:
Turning off AirPlay sharing by default will not allow users to share without turning the service on. The service should be enable as needed rather than left on.
Solution
Perform the following to disable AirPlay Receiver:
Graphical Method:
Open System Preferences
Select Sharing
Uncheck AirPlay Receiver
Terminal Method:
For each user, run the following command to disable AirPlay Receiver:
$ sudo -u <username> defaults -currentHost write com.apple.controlcenter.plist AirplayRecieverEnabled -bool false
example:
$ sudo -u firstuser defaults -currentHost write com.apple.controlcenter.plist AirplayRecieverEnabled -bool false
Profile Method:
Create or edit a configuration profile with the PayloadType of com.apple.applicationaccess
Add the key allowAirPlayIncomingRequests
Set the key to <false/>
Default Value:
AirPlay Receiver is enabled by default.