Unattended or automatic login via the Graphical User Interface must not be allowed.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-75495 | UBTU-16-010330 | SV-90175r4_rule | High |
| Description |
|---|
| Failure to restrict system access to authenticated users negatively impacts Ubuntu operating system security. |
| STIG | Date |
|---|---|
| Canonical Ubuntu 16.04 Security Technical Implementation Guide | 2020-05-29 |
Details
| Check Text ( C-75199r4_chk ) |
|---|
| Verify that unattended or automatic login via the Graphical User Interface is disabled. Check that unattended or automatic login is disabled with the following command: # sudo grep -i autologin /etc/lightdm/lightdm.conf /etc/lightdm.d/*.conf | grep -v '#' If any results are returned, this is a finding. |
| Fix Text (F-82123r5_fix) |
|---|
| Configure the Graphical User Interface to not allow unattended or automatic login to the system. Comment or remove the following lines in "/etc/lightdm/lightdm.conf" file: #autologin-user= #autologin-user-timeout=0 |