GEN000510 - The system must display a publicly-viewable pattern during a graphical desktop environment session lock - saverList

Information

To protect the on-screen content of a session, it must be replaced with a publicly-viewable pattern upon session lock. Examples of publicly viewable patterns include screen saver patterns, photographic images, solid colors, or a blank screen, so long as none of those patterns convey sensitive information.

This requirement applies to graphical desktop environments provided by the system to locally attached displays and input devices, as well as, to graphical desktop environments provided to remote systems using remote access protocols.

Solution

Edit the /etc/dt/config/C/sys.resources file and add/edit the following lines, using 15 for the saverTimeout, and using StartDtscreenBlank for the saverList.

dtsession*saverTimeout: 15
dtsession*saverList: StartDtscreenBlank

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SOL_10_x86_V2R4_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-11a., CAT|III, CCI|CCI-000057, Rule-ID|SV-227579r603266_rule, STIG-ID|GEN000510, STIG-Legacy|SV-39865, STIG-Legacy|V-22301, Vuln-ID|V-227579

Plugin: Unix

Control ID: 2df51af66e53627b58a25883cf924c270de9dc826609298214eb4384cdb768b4