Browser history must be saved

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-35793	DTBC-0039	SV-47080r2_rule	ECSC-1	Medium

Description
"Disables saving browser history in Google Chrome and prevents users from changing this setting. If this setting is enabled, browsing history is not saved. If this setting is disabled or not set, browsing history is saved." - Google Chrome Administrators Policy List

STIG	Date
Google Chrome v24 Windows Benchmark	2013-03-07

Details

Check Text ( http://oval.mitre.org/XMLSchema/oval-definitions-5 )
Universal method (Requires Chrome Browser v15 or later): 1. In the omnibox (address bar) type chrome://policy 2. If the policy "SavingBrowserHistoryDisabled" is not shown or is not set to false, then this is a finding. Windows: 1. Start regedit 2. Navigate to HKLM\Software\Policies\Google\Chrome\ 3. If the SavingBrowserHistoryDisabled value name does not exist or its value data is not set to 0, then this is a finding.

Check Text ( http://oval.mitre.org/XMLSchema/oval-definitions-5 )

Universal method (Requires Chrome Browser v15 or later):
1. In the omnibox (address bar) type chrome://policy
2. If the policy "SavingBrowserHistoryDisabled" is not shown or is not set to false, then this is a finding.

Windows:
1. Start regedit
2. Navigate to HKLM\Software\Policies\Google\Chrome\
3. If the SavingBrowserHistoryDisabled value name does not exist or its value data is not set to 0, then this is a finding.

Fix Text (F-40341r1_fix)
Valid for Chrome Browser version 8 or later. Windows registry: Key Path: HKLM\Software\Policies\Google\Chrome\ Value Name: SavingBrowserHistoryDisabled Value Type: Boolean (REG_DWORD) Value Data: 0 Windows group policy: Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome\ Policy Name: Disable saving browser history Policy State: Disabled Policy Value: N/A