AOSX-14-002065 - The macOS system must limit the ability of non-privileged users to grant other users direct access to the contents of their home directories/folders - Home directory ACLs

Information

Users' home directories/folders may contain information of a sensitive nature. Non-privileged users should coordinate any sharing of information with an SA through shared resources.

Solution

To reset the permissions on a users' home directory to their defaults, run the following command, where 'username' is the user's short name:

sudo diskutil resetUserPermissions / username

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Apple_OS_X_10-14_V2R6_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-209607r610285_rule, STIG-ID|AOSX-14-002065, STIG-Legacy|SV-104721, STIG-Legacy|V-95533, Vuln-ID|V-209607

Plugin: Unix

Control ID: 9ca1402e1bc7d786e4e0d0b20a1e75e6737564ae133514527de17680ec3fa6e2