Navigate

Check: UBTU-16-010330

Canonical Ubuntu 16.04 LTS STIG: UBTU-16-010330 (in versions v2 r3 through v1 r3)

Title

Unattended or automatic login via the Graphical User Interface must not be allowed. (Cat I impact)

Discussion

Failure to restrict system access to authenticated users negatively impacts Ubuntu operating system security.

Check Content

Verify that unattended or automatic login via the Graphical User Interface is disabled. Check that unattended or automatic login is disabled with the following command: # sudo grep -i autologin /etc/lightdm/lightdm.conf /etc/lightdm.d/*.conf | grep -v '#' If any results are returned, this is a finding.

Fix Text

Configure the Graphical User Interface to not allow unattended or automatic login to the system. Comment or remove the following lines in "/etc/lightdm/lightdm.conf" file: #autologin-user=<username> #autologin-user-timeout=0

Additional Identifiers

Rule ID: SV-214972r610931_rule

Vulnerability ID: V-214972

Group Title: SRG-OS-000480-GPOS-00229

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000366	The organization implements the security configuration settings.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-6	Configuration Settings