UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The graphical desktop environment must have automatic lock enabled.


Overview

Finding ID Version Rule ID IA Controls Severity
V-38638 RHEL-06-000259 SV-50439r3_rule Medium
Description
Enabling the activation of the screen lock after an idle period ensures password entry will be required in order to access the system, preventing access by passersby.
STIG Date
Red Hat Enterprise Linux 6 Security Technical Implementation Guide 2016-06-05

Details

Check Text ( C-46198r3_chk )
If the GConf2 package is not installed, this is not applicable.

To check the status of the idle screen lock activation, run the following command:

$ gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory --get /apps/gnome-screensaver/lock_enabled

If properly configured, the output should be "true".
If it is not, this is a finding.
Fix Text (F-43587r1_fix)
Run the following command to activate locking of the screensaver in the GNOME desktop when it is activated:

# gconftool-2 --direct \
--config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory \
--type bool \
--set /apps/gnome-screensaver/lock_enabled true