5.11 Ensure Show All Filename Extensions Setting is Enabled

Information

A filename extension is a suffix added to a base filename that indicates the base filename's file format.

Visible filename extensions allow the user to identify the file type and the application it is associated with which leads to quick identification of misrepresented malicious files.

Solution

Run the following command to enable displaying of file extensions:

% /usr/bin/sudo -u <username> /usr/bin/defaults write /Users/<username>/Library/Preferences/.GlobalPreferences.plist AppleShowAllExtensions -bool true

% /usr/bin/sudo killall Finder

Impact:

The user of the system can open files of unknown or unexpected filetypes if the extension is not visible.

See Also

https://workbench.cisecurity.org/benchmarks/17465