Details

The information system _IS_ configured to allow the transfer of information to and from other operating systems and users.

The macOS is a UNIX 03-compliant operating system, which allows owners of object to have discretion over who should be authorized to access information.

link:https://developer.apple.com/library/archive/documentation/Security/Conceptual/AuthenticationAndAuthorizationGuide/Permissions/Permissions.html[]

Solution

The technology inherently meets this requirement. No fix is required.

Supportive Information

The following resource is also helpful.

• https://github.com/usnistgov/macos_security

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.

References

• 800-53|AC-3(4)
• CCE|CCE-90899-6, CCI|CCI-002165

Source

• Tenable.com/audits