Macintosh OS X Workstation STIG, V1R1
DISA Field Security Operations
15 June 2004
Developed by DISA for the DOD
Freeware and Shareware
Public domain software distributed as freeware or shareware, where the software is only publicly
released in compiled form and the product is not supported by any vendor, is still restricted for
use in DOD. Department of Defense Directive (DODD) 8500.1, Section 4.19, states:
Public domain software products, and other software products with limited or no
warranty, such as those commonly known as freeware or shareware, shall only be used in
DOD information systems to meet compelling operational requirements. Such products
shall be thoroughly assessed for risk and accepted for use by the responsible DAA.
These requirements conform to the spirit of the draft policy memorandum from the Assistant
Secretary of Defense, Guidance and Policy for Department of Defense Information Assurance,
24 June 1999, ASD (C3I). Paragraph 4.11 requires COTS and GOTS security-related software,
hardware, and firmware to be evaluated prior to purchase.
2.3 Data Integrity
This Mac OS X Security Technical Implementation Guide (STIG) is not intended to address
data-level integrity in detail, but to provide techniques that can be used to ensure the security
of the data residing under the control of Mac OS X.
File system controls play a critical role in maintaining the integrity of Mac OS X systems.
Several key areas of control requirements are discussed in the following sections.
2.3.1 File Integrity
File integrity is a key factor in the protection of Mac OS X systems. System files that must be
protected are found in APPENDIX B. FILE AND DIRECTORY PERMISSIONS TABLE.
The SA will ensure permissions for the files listed in APPENDIX B. FILE AND DIRECTORY
PERMISSIONS TABLE are implemented.
(OSX1026SVR0001: CAT II) For the Mac OS X server, the SA will be responsible for
checking and reporting to the IAO the integrity status of system/sensitive files on a weekly
basis.
(OSX1026SVR0002: CAT III) For the Mac OS X server, the SA will ensure access to the
software that performs this function is granted only to a limited number of privileged
accounts.
(OSX1026SVR0003: CAT II) For the Mac OS X server, the SA will ensure methods used to
check file integrity alert the SA and the IAO via email if a security breach or a suspected
security breach is discovered.
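One way to carry out the checks required in 2.3.1, shown as an added example that is not part of the STIG or of any DISA tool: record a baseline of content hash, permission bits and ownership for each protected file, compare a later snapshot against it, and build the alert message for the SA and IAO. The function names, the recorded fields and the message layout are assumptions made for illustration.

```python
import hashlib
import os
import stat
from email.message import EmailMessage

def snapshot(paths):
    """Record SHA-256, permission bits, owner and group for each path."""
    snap = {}
    for p in paths:
        try:
            st = os.lstat(p)              # lstat: do not follow symlinks
        except FileNotFoundError:
            snap[p] = None                # a missing file is itself a finding
            continue
        digest = None                     # only regular files are hashed
        if stat.S_ISREG(st.st_mode):
            with open(p, "rb") as f:
                digest = hashlib.sha256(f.read()).hexdigest()
        snap[p] = {"sha256": digest, "mode": oct(stat.S_IMODE(st.st_mode)),
                   "uid": st.st_uid, "gid": st.st_gid}
    return snap

def compare(baseline, current):
    """Return one finding per attribute that differs from the baseline."""
    findings = []
    for p in sorted(set(baseline) | set(current)):
        old, new = baseline.get(p), current.get(p)
        if old == new:
            continue
        if new is None:
            findings.append(f"{p}: missing")
        elif old is None:
            findings.append(f"{p}: absent from baseline")
        else:
            findings += [f"{p}: {k} changed {old[k]} -> {new[k]}"
                         for k in ("sha256", "mode", "uid", "gid")
                         if old[k] != new[k]]
    return findings

def build_alert(findings, sender, recipients):
    """Build the email for the SA and IAO; None when nothing changed."""
    if not findings:
        return None
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = ", ".join(recipients)
    msg["Subject"] = f"File integrity alert: {len(findings)} finding(s)"
    msg.set_content("\n".join(findings))
    return msg
```

Run it weekly from a privileged account and keep the saved baseline writable only by that account; delivery of the message through the site's mail system is left out of the example.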
UNCLASSIFIED