FFOX-00-000017 - Firefox must be configured to not delete data upon shutdown

Information

For diagnostic purposes, data must remain behind when the browser is closed. This is required to meet non-repudiation controls.

Solution

Windows group policy:
1. Open the group policy editor tool with 'gpedit.msc'.
2. Navigate to Policy Path: Computer ConfigurationAdministrative TemplatesMozillaFirefoxClear data when browser is closed
Policy Name: Cache, Cookies, Download History, Form & Search History, Browsing History, Active Logins, Site Preferences, Offline Website Data
Policy State: Disabled
Policy Name: Locked
Policy State: Enabled

macOS 'plist' file:
Add the following:
<key>SanitizeOnShutdown</key>
<dict>
<key>Cache</key>
<false/>
<key>Cookies</key>
<false/>
<key>Downloads</key>
<false/>
<key>FormData</key>
<false/>
<key>History</key>
<false/>
<key>Sessions</key>
<false/>
<key>SiteSettings</key>
<false/>
<key>OfflineApps</key>
<false/>
<key>Locked</key>
<true/>
</dict>

Linux 'policies.json' file:
Add the following in the policies section:
'SanitizeOnShutdown': {
'Cache': false,
'Cookies': false,
'Downloads': false,
'FormData': false,
'History': false,
'Sessions': false,
'SiteSettings': false,
'OfflineApps': false,
'Locked': true
}

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MOZ_Firefox_V6R5_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7a., CAT|II, CCI|CCI-000381, Rule-ID|SV-252881r879587_rule, STIG-ID|FFOX-00-000017, Vuln-ID|V-252881

Plugin: Unix

Control ID: cef29c1ca34ee4d30fd5a3c481974a79a9098ef553cfd620eb4e0619388ecc1c