UCF STIG Viewer Logo

The graphical desktop environment must have automatic lock enabled.


Overview

Finding ID Version Rule ID IA Controls Severity
V-218013 RHEL-06-000259 SV-218013r505923_rule Medium
Description
Enabling the activation of the screen lock after an idle period ensures password entry will be required in order to access the system, preventing access by passersby.
STIG Date
Red Hat Enterprise Linux 6 Security Technical Implementation Guide 2020-09-03

Details

Check Text ( C-19494r377054_chk )
If the GConf2 package is not installed, this is not applicable.

To check the status of the idle screen lock activation, run the following command:

$ gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory --get /apps/gnome-screensaver/lock_enabled

If properly configured, the output should be "true".
If it is not, this is a finding.
Fix Text (F-19492r377055_fix)
Run the following command to activate locking of the screensaver in the GNOME desktop when it is activated:

# gconftool-2 --direct \
--config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory \
--type bool \
--set /apps/gnome-screensaver/lock_enabled true