The macOS system must disable FaceTime.app.

STIG ID: APPL-14-002010  |  SRG: SRG-OS-000095-GPOS-00049 | Severity: medium |  CCI: CCI-000381

Vulnerability Discussion

The macOS built-in FaceTime.app must be disabled.

The FaceTime.app establishes a connection to Apple's iCloud service, even when security controls have
been put in place to disable iCloud access.

[IMPORTANT]
====
Apple has deprecated the use of application restriction controls
(https://github.com/apple/device-management/blob/eb51fb0cb9626cac4717858556912c257a734ce0/mdm/profiles/com.apple.applicationaccess.new.yaml#L67-L70).
Using these controls may not work as expected. Third-party software may be required to fulfill the
compliance requirements.
====

Check

Verify the macOS system is configured to disable FaceTime.app with the following command:

/usr/bin/osascript -l JavaScript << EOS
function run() {
let pref1 = ObjC.unwrap($.NSUserDefaults.alloc.initWithSuiteName('com.apple.applicationaccess.new')\
.objectForKey('familyControlsEnabled'))
let pathlist = $.NSUserDefaults.alloc.initWithSuiteName('com.apple.applicationaccess.new')\
.objectForKey('pathBlackList').js
for ( let app in pathlist ) {
if ( ObjC.unwrap(pathlist[app]) == "/Applications/FaceTime.app" && pref1 == true ){
return("true")
}
}
return("false")
}
EOS

If the result is not "true", this is a finding.

Fix

Configure the macOS system to disable FaceTime.app by installing the
"com.apple.applicationaccess.new" configuration profile.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.