search

kristovatlas / osx-config-check

Verify the configuration of your OS X machine.
MIT License
1.25k stars 111 forks source link

broken hotcorners to start screen saver #152

Closed kristovatlas closed 8 years ago

kristovatlas commented 8 years ago

A user ran the tool (v1.0.0) and applied the fixes below. After, hot corners to start the screen saver were broken for her.

  1. CHECK #7: The OSX application firewall is enabled (current user only)
    • defaults -currentHost write ~/Library/Preferences/com.apple.alf globalstate -bool true OR sudo defaults -currentHost write ~/Library/Preferences/com.apple.alf globalstate -bool true
  2. CHECK #8: A password is required to wake the computer from sleep or screen saver (system-wide)
    • defaults write /Library/Preferences/com.apple.screensaver askForPassword -bool true OR sudo defaults write /Library/Preferences/com.apple.screensaver askForPassword -bool true
  3. CHECK #10: There is no delay between starting the screen saver and locking the machine (system-wide)
    • defaults -currentHost write /Library/Preferences/com.apple.screensaver askForPasswordDelay -bool false OR sudo defaults -currentHost write /Library/Preferences/com.apple.screensaver askForPasswordDelay -bool false
  4. CHECK #14: Stealth mode is enabled for OSX: Computer does not respond to ICMP ping requests or connection attempts from a closed TCP/UDP port. (system-wide)
  5. CHECK #15: Stealth mode is enabled for OSX: Computer does not respond to ICMP ping requests or connection attempts from a closed TCP/UDP port. (current user only)
  6. CHECK #16: Automatic whitelisting of Apple-signed applications through the firewall is disabled (system-wide)
  7. CHECK #17: Automatic whitelisting of Apple-signed applications through the firewall is disabled (current user only)
  8. CHECK #18: Captive portal for connecting to new networks is disabled to prevent MITM attacks
  9. CHECK #20: Hidden files are displayed in Finder
  10. CHECK #24: Bluetooth is disabled
  11. CHECK #25: The infrared receiver is disabled
  12. CHECK #26: AirDrop file sharing is disabled
  13. CHECK #32: Internet Sharing is disabled on all network interfaces
  14. CHECK #33: Wake on Network Access feature is disabled
    • systemsetup -setwakeonnetworkaccess off OR sudo systemsetup -setwakeonnetworkaccess off
  15. CHECK #34: Automatic setting of time and date is disabled
  16. CHECK #35: IPv6 is disabled on all network interfaces
  17. CHECK #36: An administrator password is required to change system-wide preferences
    • security authorizationdb read system.preferences > /tmp/system.preferences.plist &&/usr/libexec/PlistBuddy -c "Set :shared false"
  18. CHECK #38: The File Vault key is protected when going to standby mode
  19. CHECK #40: git is up to date or is not installed
  20. CHECK #42: Google DNS servers are used by default on all network interfaces
  21. CHECK #56: The Safari web browser will warn when visiting known fraudulent websites
  22. CHECK #75: The Mail application is currently closed
  23. CHECK #76: Apple Mail does not automatically load remote content in e-mails
  24. CHECK #77: Mail identified by Apple Mail as junk is sent to the Junk mailbox
  25. CHECK #80: New e-mails composed in Apple Mail and saved as drafts are encrypted by GPGMail
  26. CHECK #81: New e-mails composed in Apple Mail are signed by GPGMail
  27. CHECK #82: Apple Mail automatically checks for updates to GPGMail
  28. CHECK #83: The Google Chrome browser is currently closed
  29. CHECK #84: All Google Chrome web browser profiles prevent information leakage through navigation errors
  30. CHECK #85: All Google Chrome web browser profiles prevent information leakage through URL suggestions
  31. CHECK #86: All Google Chrome web browser profiles prevent information leakage through network prediction
  32. CHECK #87: All Google Chrome web browser profiles prevent information leakage by blocking security incidents reports to Google
  33. CHECK #88: All Google Chrome web browser profiles have Google Safe Browsing enabled
  34. CHECK #89: All Google Chrome web browser profiles prevent information leakage through spell-checking network services
  35. CHECK #90: All Google Chrome web browser profiles prevent information leakage through reporting usage statistics to Google
kristovatlas commented 8 years ago

More troubleshooting information from her system.

$ defaults read ~/Library/Preferences/com.apple.dock.plist | grep wvous
"wvous-tr-corner" = 5;
   "wvous-tr-modifier" = 0;
$ defaults read ~/Library/Preferences/com.apple.screensaver
{
   askForPassword = 1;
   askForPasswordDelay = 0;
   tokenRemovalAction = 0;
}
$ defaults -currentHost read com.apple.screensaver
{
   CleanExit = YES;
   PrefsVersion = 100;
   moduleDict =     {
       moduleName = Flurry;
       path = "/System/Library/Screen Savers/Flurry.saver";
       type = 0;
   };
   tokenRemovalAction = 0;
}

After adjusting the screen idle timer through the System Preferences GUI:

$ defaults -currentHost read com.apple.screensaver
{
   CleanExit = YES;
   PrefsVersion = 100;
   idleTime = 60;
   moduleDict =     {
       moduleName = Flurry;
       path = "/System/Library/Screen Savers/Flurry.saver";
       type = 0;
   };
   tokenRemovalAction = 0;
}
kristovatlas commented 8 years ago

Restarting the machine resolves this issue. I'll add some notes to the troubleshooting section of the README

kristovatlas commented 8 years ago

Included in develop branch for v1.0.1