Check: RHEL-07-010450
Red Hat Enterprise Linux 7 STIG: RHEL-07-010450 (in versions v3 r14 through v1 r1)
Title
The Red Hat Enterprise Linux operating system must not allow an unrestricted logon to the system. (Cat I impact)
Discussion
Failure to restrict system access to authenticated users negatively impacts operating system security.
Check Content
Verify the operating system does not allow an unrestricted logon to the system via a graphical user interface.

Note: If the system does not have GNOME installed, this requirement is Not Applicable.

Check for the value of the "TimedLoginEnable" parameter in "/etc/gdm/custom.conf" file with the following command:

    # grep -i timedloginenable /etc/gdm/custom.conf
    TimedLoginEnable=false

If the value of "TimedLoginEnable" is not set to "false", this is a finding.
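The `grep -i` in the check text also prints commented-out lines and matches outside `[daemon]`, so its output has to be interpreted by eye. The script below is an added example, not part of the STIG: it evaluates only active `TimedLoginEnable` assignments inside `[daemon]`. The function name `check_timed_login`, its return codes and the sample file are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example: section-aware audit for RHEL-07-010450 (not STIG-supplied code).
# Returns 0 = not a finding, 1 = finding, 2 = file unreadable (cannot evaluate).
check_timed_login() {
    local conf="$1" counts ok bad
    if [ ! -r "$conf" ]; then
        echo "CANNOT EVALUATE: $conf is not readable (Not Applicable if GNOME is not installed)"
        return 2
    fi
    # Treat the file as an INI: skip comment lines, track the current section,
    # and count TimedLoginEnable assignments that appear inside [daemon] only.
    counts=$(awk '
        /^[ \t]*#/  { next }                         # commented-out line
        /^[ \t]*\[/ { sec = $0; gsub(/\[|\]|[ \t]/, "", sec); next }
        sec == "daemon" && index($0, "=") > 0 {
            eq  = index($0, "=")
            key = tolower(substr($0, 1, eq - 1)); gsub(/[ \t]/, "", key)
            val = substr($0, eq + 1);             gsub(/[ \t\r]/, "", val)
            if (key != "timedloginenable") next      # key case ignored, as grep -i does
            if (val == "false") ok++; else bad++     # value must be exactly "false"
        }
        END { print ok + 0, bad + 0 }
    ' "$conf")
    ok=${counts% *}; bad=${counts#* }
    # Pass only if at least one active assignment exists and every one is "false".
    if [ "$ok" -ge 1 ] && [ "$bad" -eq 0 ]; then
        echo "NOT A FINDING: [daemon] TimedLoginEnable=false in $conf"
        return 0
    fi
    echo "FINDING: TimedLoginEnable is not set to false in [daemon] of $conf"
    return 1
}

# Constructed sample: a bare grep for the key also matches the commented-out
# "false" line, yet the only active assignment in [daemon] is "true".
sample=$(mktemp)
printf '%s\n' '[daemon]' '#TimedLoginEnable=false' 'TimedLoginEnable=true' \
    '[security]' > "$sample"
check_timed_login "$sample" || true
rm -f "$sample"
```

On a real system, call `check_timed_login /etc/gdm/custom.conf` as root and record the exit status with the evidence.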
Fix Text
Configure the operating system to not allow an unrestricted account to log on to the system via a graphical user interface.

Note: If the system does not have GNOME installed, this requirement is Not Applicable.

Add or edit the line for the "TimedLoginEnable" parameter in the [daemon] section of the "/etc/gdm/custom.conf" file to "false":

    [daemon]
    TimedLoginEnable=false
Additional Identifiers
Rule ID: SV-204433r877377_rule
Vulnerability ID: V-204433
Group Title: SRG-OS-000480-GPOS-00229
CCIs
Number | Definition |
---|---|
CCI-000366 | The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 | Configuration Settings |