The macOS system must disable Unix-to-Unix Copy Protocol (UUCP) service.

STIG ID: APPL-15-002006  |  SRG: SRG-OS-000080-GPOS-00048 |  Severity: medium |  CCI: CCI-000213 |  Vulnerability Id: V-268482

Vulnerability Discussion

The system must not have the UUCP service active.

UUCP, a set of programs that enables sending files between different Unix systems and sending commands to be executed on another system, is not essential and must be disabled to prevent unauthorized connection of devices, transfer of information, and tunneling.

NOTE: UUCP service is disabled at startup by default with macOS.

Check

Verify the macOS system is configured to disable UUCP service with the following command:

/bin/launchctl print-disabled system | /usr/bin/grep -c '"com.apple.uucp" => disabled'

If the result is not "1", this is a finding.

Fix

Configure the macOS system to disable UUCP service with the following command:

/bin/launchctl disable system/com.apple.uucp

The system may need to be restarted for the update to take effect.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.