Macintosh OS X Workstation STIG, V1R1
DISA Field Security Operations
15 June 2004
Developed by DISA for the DOD
3.10.2 Access Permissions and Owners........................................................................... 33
3.10.3 Cron on Mac OS X server..................................................................................... 33
3.10.4 Locations............................................................................................................... 34
3.11 At Access.........................................................................................................................35
3.11.1 Access Controls .................................................................................................... 36
3.11.2 Access Permissions and Owners........................................................................... 36
3.11.3 At on Mac OS X Server ........................................................................................ 36
4. NETWORK SERVICES...........................................................................................................38
4.1 Network Services Descriptions .........................................................................................39
4.1.1 Apache ..................................................................................................................... 39
4.1.2 Rlogin and rsh ......................................................................................................... 39
4.1.3 Rexec Command..................................................................................................... 39
4.1.4 Finger ...................................................................................................................... 40
4.1.5 Remote Host Printing.............................................................................................. 40
4.1.6 Traceroute ............................................................................................................... 40
4.1.7 Client Browser Requirements ................................................................................. 41
4.2 Sendmail ............................................................................................................................42
4.3 Ftp......................................................................................................................................42
4.4 Trivial File Transfer Protocol (tftp)...................................................................................43
4.5 Domain Name Service (DNS) ...........................................................................................43
4.6 System Logging Daemon (syslogd) ..................................................................................44
4.7 Secure Shell (ssh) ..............................................................................................................44
4.8 Mac OS X Built in Firewall ..............................................................................................45
5. TRUST RELATIONSHIPS ......................................................................................................46
5.1 Network Information Service (NIS) ..................................................................................46
5.2 Network File System (NFS) ..............................................................................................46
5.3 Samba ................................................................................................................................48
APPENDICES
APPENDIX A. Related Publications........................................................................................... 50
APPENDIX B. File and Directory Permissions Table ................................................................ 52
APPENDIX C. Procedures for Bringing a Mac OS X System Into STIG Compliance .............. 53
APPENDIX D. Acronym.............................................................................................................. 56
iv
UNCLASSIFIED