The Bluetooth software driver must be removed.

From Apple OS X 10.10 (Yosemite) Workstation Security Technical Implementation Guide

Part of SRG-OS-000480

Associated with: CCI-000366

SV-73969r1_rule The Bluetooth software driver must be removed.

Vulnerability discussion

The Bluetooth kernel extension must be removed, as wireless access introduces unnecessary security risks. Removing Bluetooth support entirely mitigates this risk.

Check content

If Bluetooth connectivity is required to facilitate use of approved external devices, this is not applicable. To check if there are any hardware components for Bluetooth loaded in the system, run the following command: sudo kextstat | grep -i bluetooth If there is a result, this is a finding.

Fix text

Removing the kernel extensions for Bluetooth will remove the system's ability to load Bluetooth devices, use the following commands to remove them: sudo rm -rf /System/Library/Extensions/IOBluetoothFamily.kext /System/Library/Extensions/IOBluetoothHIDDriver.kext; sudo touch /System/Library/Extensions

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer