UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The graphical desktop environment must set the idle timeout to no more than 15 minutes.


Overview

Finding ID Version Rule ID IA Controls Severity
V-208933 OL6-00-000257 SV-208933r793719_rule Medium
Description
Setting the idle delay controls when the screensaver will start, and can be combined with screen locking to prevent access from passersby.
STIG Date
Oracle Linux 6 Security Technical Implementation Guide 2021-12-03

Details

Check Text ( C-9186r357779_chk )
If the GConf2 package is not installed, this is not applicable.

To check the current idle time-out value, run the following command:

$ gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory --get /apps/gnome-screensaver/idle_delay

If properly configured, the output should be "15".

If it is not, this is a finding.
Fix Text (F-9186r357780_fix)
Run the following command to set the idle time-out value for inactivity in the GNOME desktop to 15 minutes:

# gconftool-2 \
--direct \
--config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory \
--type int \
--set /apps/gnome-screensaver/idle_delay 15