UCF STIG Viewer Logo

The X server must have the correct options enabled.


Overview

Finding ID Version Rule ID IA Controls Severity
V-1021 GEN000000-LNX00360 SV-1021r2_rule ECSC-1 Medium
Description
Without the correct options enabled, the Xwindows system would be less secure and there would be no screen timeout.
STIG Date
VMware ESX 3 Server 2016-05-13

Details

Check Text ( C-2042r2_chk )
X servers get started several ways, such as xdm, gdm or xinit. Perform:
# ps –ef |grep X

Output for example:

/usr/X11R6/bin/X –nolisten –ctp –br vt7 –auth /var/lib/xdm/authdir/authfiles/A:0

Check the Xservers file to ensure the following options are enabled:

-audit, -auth, and –s 15.

Xserver files can found in:

/etc/X11/xdm/Xservers
/etc/opt/kde3/share/config/kdm/Xservers
/etc/X11/gdm/Xservers
Fix Text (F-1175r2_fix)
Enable the following options: -audit (at level 4), -auth and -s with 15 minutes as the timeout value.