AOSX-13-000554 - The macOS system must not have a guest account - Guest account

Information

Only authorized individuals should be allowed to obtain access to operating system components. Permitting access via a guest account provides unauthenticated access to any person.

Solution

Remove the guest user with the following command:

sudo dscl . delete /Users/Guest

'This can also be managed with 'Login Window Policy' configuration profile.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Apple_OS_X_10-13_V2R5_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-5(1), CAT|I, CCI|CCI-001813, Rule-ID|SV-214868r609363_rule, STIG-ID|AOSX-13-000554, STIG-Legacy|SV-96329, STIG-Legacy|V-81615, Vuln-ID|V-214868

Plugin: Unix

Control ID: 48fabab3921dd00bb2196e8af69708bb666dad7b7df213b4adfea59943e8384c