Closed liquidoshin closed 2 years ago
liquidoshin
commented
2 years ago The links provided actually point to a download of a spreadsheet from NIST and their 800-53 hardening guidance. Unfortunately there is nothing online from them that you can look at. This is Derek Walker, I submitted a help request through your website a week back about some controls I didn't find in your software and you updated it with them.
relgit
commented
2 years ago Hi @liquidoshin, it was me with whom you spoke. Thanks for following up and for opening these issues here. ProfileManifests is independent of iMazing, by the way, but you're in the right place since we make use of this project in our app and continuously engage with it.
@apizz , @kevinmcox, others; Derek approached us last week with a request for several keys to be added. I was able on his behalf to create PRs for the documented ones (#523, #524, and #525). However, I asked him to bring the undocumented ones here because I'm not familiar with the NIST guidelines. I hope that someone here could comment on the the guildelines or on the keys themselves (further keys in #527 and #528 too).
There's also a greater point here which is that the NIST document that Derek pointed to contains several other interesting preference keys that once we verify them all to work it could be a good idea to incorporate.
kevinmcox
commented
2 years ago That NIST document (Rev5 here) is what guides the macOS Security Compliance project. We have several colleagues in the MacAdmins Slack who work on it in the #macos_security_compliance channel.
In general, I would trust the keys they document to do what they say.
Here is a cleaner link to the Excel sheet from the top of this issue: https://csrc.nist.gov/CSRC/media/Projects/national-vulnerability-database/documents/CCE/cce-macos_bigsur.xls
kevinmcox
commented
2 years ago I see the keys from #527 and #528 in the NIST spreadsheet, but I can't find these however:
Payload / Domain: com.apple.preferences.sharing.SharingPrefsExtension:
homeSharingUIStatus: 0
legacySharingUIStatus: 0
mediaSharingUIStatus: 0Thanks Kevin, this is very useful info.
So if that's the case I think we can feel very comfortable adding the keys to the manifest. We can start with the three issues that Derek opened and if that works well we can later explore covering some more ground.
Per the keys that you mentioned, I followed your lead about the macOS Security Compliance project and was able to find them documented here, which I think is sufficient: https://github.com/usnistgov/macos_security/blob/main/rules/sysprefs/sysprefs_media_sharing_disabled.yaml
relgit
commented
2 years ago You're welcome, Derek.
By the way, sorry but I had to delete your comment because of some personal information that snuck in with your signature when you replied (comments on this discussion are public).
Please provide the following information:
App Name: Media sharing disablement
App URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjmhozEyoL2AhWRKH0KHTPKCBEQFnoECAQQAQ&url=https%3A%2F%2Fcsrc.nist.gov%2FCSRC%2Fmedia%2FProjects%2Fnational-vulnerability-database%2Fdocuments%2FCCE%2Fcce-macos_bigsur.xls&usg=AOvVaw0XRSWpBSHnn2PaYHrDBLzO
App Profile Documentation URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjmhozEyoL2AhWRKH0KHTPKCBEQFnoECAQQAQ&url=https%3A%2F%2Fcsrc.nist.gov%2FCSRC%2Fmedia%2FProjects%2Fnational-vulnerability-database%2Fdocuments%2FCCE%2Fcce-macos_bigsur.xls&usg=AOvVaw0XRSWpBSHnn2PaYHrDBLzO
Payload / Domain: com.apple.preferences.sharing.SharingPrefsExtension: homeSharingUIStatus: 0 legacySharingUIStatus: 0 mediaSharingUIStatus: 0