InformationA Login window banner warning informs the user that the system is reserved for authorized use only. It enforces an acknowledgment by the user that they have been informed of the use policy in the banner if required. The system recognizes either the .txt and the .rtf formats.
An access warning may reduce a casual attacker's tendency to target the system. Access warnings may also aid in the prosecution of an attacker by evincing the attacker's knowledge of the system's private status, acceptable use policy, and authorization requirements.
Users will have to click on the window with the Login text before logging into the computer.
Run the following commands to create or edit the login window text and set the proper permissions:
Edit (or create) a PolicyBanner.txt or PolicyBanner.rtf file, in the /Library/Security/ folder, to include the required login window banner text.
Perform the following to set permissions on the policy banner file:
$ /usr/bin/sudo /usr/sbin/chown o+r /Library/Security/PolicyBanner.txt
$ /usr/bin/sudo /usr/sbin/chown o+r /Library/Security/PolicyBanner.rtf
Note: If your organization uses an .rtfd file to set the policy banner, run $ /usr/bin/sudo /usr/sbin/chown -R o+rx /Library/Security/PolicyBanner.rtfd to update the permissions.
Category: CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
References: 800-53|CM-1, 800-53|CM-2, 800-53|CM-6, 800-53|CM-7, 800-53|CM-7(1), 800-53|CM-9, 800-53|SA-3, 800-53|SA-8, 800-53|SA-10, CSCv7|5.1
Control ID: f22d98bb1bba468e1c582d3db9460ee0d5361c54909b850f1f3092d20ac73ee6