Re: [Fed-Talk] DISA STIG for 10.5

On Dec 8, 2010, at 8:33 AM, Dan O'Donnell wrote:

> In case you are interested in reading (and commenting) on DISA’s consideration of 10.5, here is their announcement of a draft STIG (Security Technical Implementation Guideline):

I was just browsing through this document (with my personal biases turned on high:). I like that they produced this document for the Mac, and it gives me a good idea of where their thinking is. Is it traditional for some contractor to come out with an application to apply these changes automatically?

Initial observations:

First, 10.5? Really? 10.6 has been out for more than a year.


Second, I don't think they test these things. For example, they provide the audit settings

flags:lo,ad,-all,-fr,fd,fm,^-fa,^-fc,^-cl

But the auditing (last I checked) was completely broken on 10.5. These settings pretty much do nothing, and at worst, provide a false sense of security. If you want auditing, move to 10.6.


Third, in a computer security document, why did they need to redefine the acronym MAC to mean something other than Mandatory Access Controls? (They call it "Mission Assurance Category".) I think this is going to lead to confusion down the road.


Fourth, there is a lot of stuff on changing permissions for directories and files. I wonder if these get "re-fixed" by Apple every time software updates are applied?


Any idea when one for 10.6 is coming out?

Todd
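
The following is an added example, not part of the message above or of the DISA draft: a decoder for the BSM `flags:` line quoted in the message, showing which event classes it selects for success and failure on a system where auditing works. The function names are hypothetical, the class codes are those of the stock OpenBSM `audit_class` file, and tokens are assumed to be applied left to right.

```python
# Added example: decode a BSM audit_control "flags:" value.
# Class codes as listed in the stock OpenBSM /etc/security/audit_class file.
CLASSES = {
    "fr": "file read", "fw": "file write", "fa": "file attribute access",
    "fm": "file attribute modify", "fc": "file create", "fd": "file delete",
    "cl": "file close", "pc": "process", "nt": "network", "ip": "ipc",
    "na": "non attributable", "ad": "administrative", "lo": "login_logout",
    "aa": "authentication and authorization", "ap": "application",
    "io": "ioctl", "ex": "exec", "ot": "miscellaneous",
}

# The flags line as quoted in the message.
STIG_FLAGS = "flags:lo,ad,-all,-fr,fd,fm,^-fa,^-fc,^-cl"


def parse_flags(line):
    """Return (success, failure) sets of class codes selected by a flags: line."""
    value = "".join(line.split(":", 1)[1].split())  # ignore stray whitespace
    success, failure = set(), set()
    for token in filter(None, value.split(",")):
        negate = token.startswith("^")  # "^" switches a selection off
        body = token[1:] if negate else token
        # "+" = success only, "-" = failure only, no sign = both
        sign = body[:1] if body[:1] in ("+", "-") else ""
        name = body[len(sign):]
        if name != "all" and name not in CLASSES:
            raise ValueError(f"unknown audit class {name!r} in {token!r}")
        names = set(CLASSES) if name == "all" else {name}
        for target, applies in ((success, sign != "-"), (failure, sign != "+")):
            if not applies:
                continue
            if negate:
                target.difference_update(names)
            else:
                target.update(names)
    return success, failure


def describe(line):
    """Map every class code to 'both', 'success', 'failure' or 'none'."""
    success, failure = parse_flags(line)
    labels = {(True, True): "both", (True, False): "success",
              (False, True): "failure", (False, False): "none"}
    return {c: labels[(c in success, c in failure)] for c in CLASSES}


if __name__ == "__main__":
    for code, what in describe(STIG_FLAGS).items():
        print(f"{code:3} {CLASSES[code]:34} {what}")
```

Under these assumptions the line requests failure auditing for every class except `fa`, `fc` and `cl`, and success auditing only for `lo`, `ad`, `fd` and `fm`.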
