The system must display a publicly-viewable pattern during a graphical desktop environment session lock.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-22301 | GEN000510 | SV-37222r1_rule | PESL-1 | Low |
| Description |
|---|
| To protect the on-screen content of a session, it must be replaced with a publicly-viewable pattern upon session lock. Examples of publicly viewable patterns include screen saver patterns, photographic images, solid colors, or a blank screen, so long as none of those patterns convey sensitive information. This requirement applies to graphical desktop environments provided by the system to locally attached displays and input devices, as well as, to graphical desktop environments provided to remote systems using remote access protocols. |
| STIG | Date |
|---|---|
| Red Hat Enterprise Linux 5 Security Technical Implementation Guide | 2017-03-01 |
Details
| Check Text ( C-35911r1_chk ) |
|---|
| Determine if a publicly-viewable pattern is displayed during a session lock. Some screensaver themes available but not included in the RHEL distribution use a snapshot of the current screen as a graphic. This theme does not qualify as a publicly-viewable pattern. If the session lock pattern is not publicly-viewable this is a finding. |
| Fix Text (F-31169r1_fix) |
|---|
| Configure the system to display a publicly-viewable pattern during a session lock. This is done graphically by selecting a screensaver theme using gnome-screensaver-preferences command. Any of the themes distributed with RHEL may be used including "Blank Screen". |