CCE-92761-6Platform: cpe:/o:apple:mac_os_x:10.14 | Date: (C)2019-04-05 (M)2023-07-04 |
Enable Gatekeeper
Gatekeeper settings must be configured correctly to only allow the system to run applications downloaded from the Mac App Store. Administator users will still have the option to override these settings on a per app basis. Gatekeeper is a security feature that ensures that applications must be digitally signed by an Apple issued certificate in order to run. Digital signatures allow Mac OS X to verify that the application has not been modified by a malicious third party.
Parameter:
[yes/no]
Technical Mechanism:
To check to make sure only applications downloaded from the App Store are allowed to run, type the following code:
system_profiler SPConfigurationProfileDataType | grep AllowIdentifiedDevelopers
If 'AllowIdentifiedDevelopers' is not set to '0', this is a finding.
CCSS Severity: | CCSS Metrics: |
CCSS Score : 8.4 | Attack Vector: LOCAL |
Exploit Score: 2.5 | Attack Complexity: LOW |
Impact Score: 5.9 | Privileges Required: NONE |
Severity: HIGH | User Interaction: NONE |
Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:53987 |