2.2.2.6 Ensure automatic logon via GUI is not allowed

Information

The operating system must not allow an unattended or automatic logon to the system via a graphical user interface.

Rationale:

Failure to restrict system unattended or automatic logon to the system negatively impacts operating system security.

Solution

Configure the operating system to not allow an unattended or automatic logon to the system via a graphical user interface.
Add or edit the line for the AutomaticLoginEnable parameter in the [daemon] section of the /etc/gdm/custom.conf file to false:
Example: vim /etc/gdm/custom.conf

[daemon]
AutomaticLoginEnable=false

Notes:

This Benchmark recommendation maps to:

Red Hat Enterprise Linux 7 Security Technical Implementation Guide:

Version 2, Release: 3 Benchmark Date: 26 Apr 2019



Vul ID: V-71953

Rule ID: SV-86577r2_rule

STIG ID: RHEL-07-010440

Severity: CAT I

See Also

https://workbench.cisecurity.org/files/2688

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b.

Plugin: Unix

Control ID: 8ce4354d085e9b956190b5d2a79c5deae61a0b6ff4a23e7dba0303f4c9082434