Details
Many aspects and features of macOS can be restricted on a user-by-user basis via the Parental Controls feature. This includes computer usage time limits, application accessibility limitations, and website restrictions. Although this feature is called Parental Controls, these restrictions may be appropriate for corporate, government, or educational use.
Rationale:
Limiting usage and restricting features for managed users reduces the risk of the user and/or system being exposed to malicious and/or inappropriate content.
Impact:
The extensive use of parental controls adds to the configuration management burden and can limit legitimate user activity.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Open System Preferences
Select Users & Groups
Highlight managed user
Check box next to Enable parental controls
Select Open Parental Controls
Select items within the Parental Controls feature that should be restricted.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.