STIG V-268482 | The macOS system must disable Unix-to...

macOS 15 - Sequoia

The macOS system must disable Unix-to-Unix Copy Protocol (UUCP) service

STIG ID: APPL-15-002006 | SRG: SRG-OS-000080-GPOS-00048 | Severity: Medium | CCI: CCI-000213 | Vulnerability ID: V-268482

Description

The system must not have the UUCP service active.UUCP, a set of programs that enables sending files between different Unix systems and sending commands to be executed on another system, is not essential and must be disabled to prevent unauthorized connection of devices, transfer of information, and tunneling.NOTE: UUCP service is disabled at startup by default with macOS.

Check

C-268482r1034386_chk

Verify the macOS system is configured to disable UUCP service with the following command:/bin/launchctl print-disabled system | /usr/bin/grep -c '"com.apple.uucp" => disabled'If the result is not "1", this is a finding.

Fix

F-72413r1034385_fix

Configure the macOS system to disable UUCP service with the following command:/bin/launchctl disable system/com.apple.uucpThe system may need to be restarted for the update to take effect.