UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Firefox must be configured to not delete data upon shutdown.


Overview

Finding ID Version Rule ID IA Controls Severity
V-252881 FFOX-00-000017 SV-252881r820757_rule Medium
Description
For diagnostic purposes, data must remain behind when the browser is closed. This is required to meet non-repudiation controls.
STIG Date
Mozilla Firefox Security Technical Implementation Guide 2022-09-09

Details

Check Text ( C-56337r820755_chk )
Type "about:policies" in the browser address bar.

If "SanitizeOnShutdown" is not displayed under Policy Name or the Policy Value does not have {"Cache":false,"Cookies":false,"Downloads":false,"FormData":false,"Sessions":false,"History":false,"OfflineApps":false,"SiteSettings":false,"Locked":true}, this is a finding.
Fix Text (F-56287r820756_fix)
Windows group policy:
1. Open the group policy editor tool with "gpedit.msc".
2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\Clear data when browser is closed
Policy Name: Cache, Cookies, Download History, Form & Search History, Browsing History, Active Logins, Site Preferences, Offline Website Data
Policy State: Disabled
Policy Name: Locked
Policy State: Enabled

macOS "plist" file:
Add the following:
SanitizeOnShutdown

Cache

Cookies

Downloads

FormData

History

Sessions

SiteSettings

OfflineApps

Locked



Linux "policies.json" file:
Add the following in the policies section:
"SanitizeOnShutdown": {
"Cache": false,
"Cookies": false,
"Downloads": false,
"FormData": false,
"History": false,
"Sessions": false,
"SiteSettings": false,
"OfflineApps": false,
"Locked": true
}