← Back to Apple macOS 15 (Sequoia) Security Technical Implementation Guide

V-268486

CAT II (Medium)

The macOS system must disable FaceTime.app.

Rule ID

SV-268486r1034398_rule

STIG

Apple macOS 15 (Sequoia) Security Technical Implementation Guide

Version

V1R7

CCIs

CCI-000381

Discussion

The macOS built-in FaceTime.app must be disabled. The FaceTime.app establishes a connection to Apple's iCloud service even when security controls have been put in place to disable iCloud access. [IMPORTANT] ==== Apple has deprecated the use of application restriction controls (https://github.com/apple/device-management/blob/eb51fb0cb9626cac4717858556912c257a734ce0/mdm/profiles/com.apple.applicationaccess.new.yaml#L67-L70). Using these controls may not work as expected. Third-party software may be required to fulfill the compliance requirements. ====

Check Content

Verify the macOS system is configured to disable FaceTime.app with the following command:

/usr/bin/osascript -l JavaScript << EOS
function run() {
  let pref1 = ObjC.unwrap($.NSUserDefaults.alloc.initWithSuiteName('com.apple.applicationaccess.new')\
  .objectForKey('familyControlsEnabled'))
  let pathlist = $.NSUserDefaults.alloc.initWithSuiteName('com.apple.applicationaccess.new')\
  .objectForKey('pathBlackList').js
  for ( let app in pathlist ) {
      if ( ObjC.unwrap(pathlist[app]) == "/Applications/FaceTime.app" && pref1 == true ){
          return("true")
      }
  }
  return("false")
  }
EOS

If the result is not "true", this is a finding.

Fix Text

Configure the macOS system to disable FaceTime.app by installing the "com.apple.applicationaccess.new" configuration profile.