Details
The information system _IS_ configured to separate user and system functionality.
Operating system management functionality includes functions necessary for administration and requires privileged user access. Allowing non-privileged users to access operating system management functionality capabilities increases the risk that non-privileged users may obtain elevated privileges. Operating system management functionality includes functions necessary to administer console, network components, workstations, or servers and typically requires privileged user access.
The inherent configuration of the macOS allows only privileged users to access operating system management functionalities.
link:https://developer.apple.com/library/archive/documentation/MacOSX/Conceptual/BPSystemStartup/Chapters/DesigningDaemons.html[]
Solution
The technology inherently meets this requirement. No fix is required.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Maintenance, System and Communications Protection.This control applies to the following type of system Unix.
References
- 800-53|MA-4(1)
- 800-53|SC-2
- CCE|CCE-90999-4, CCI|CCI-001082