UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The Ubuntu operating system must enable a user session lock until that user re-establishes access using established identification and authentication procedures.


Overview

Finding ID Version Rule ID IA Controls Severity
V-214943 UBTU-16-010040 SV-214943r610931_rule Medium
Description
A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence. The session lock is implemented at the point where session activity can be determined. Regardless of where the session lock is determined and implemented, once invoked, the session lock shall remain in place until the user re-authenticates. No other activity aside from re-authentication shall unlock the system.
STIG Date
Canonical Ubuntu 16.04 LTS Security Technical Implementation Guide 2020-12-09

Details

Check Text ( C-16142r364830_chk )
Verify the operating system allows a user to lock the current graphical user interface session.

Note: If the Ubuntu operating system does not have a graphical user interface installed, this requirement is Not Applicable.

Check to see if the Ubuntu operating system allows the user to lock the current graphical user interface session with the following command:

# gsettings get org.gnome.desktop.lock-enabled

true

If "lock-enabled" is not set to "true", this is a finding.
Fix Text (F-16140r364831_fix)
Configure the Ubuntu operating system so that it allows a user to lock the current Graphical User Interface session.

Set the "lock-enabled" setting in the graphical user interface to allow session locks with the following command:

Note: The command must be performed from a terminal window inside the graphical user interface.

# sudo gsettings set org.gnome.desktop.lock-enabled true