STIGQter: STIG Summary: Solaris 11 SPARC Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The system must not allow autologin capabilities from the GNOME desktop.

DISA Rule

SV-216359r603267_rule

Vulnerability Number

V-216359

Group Title

SRG-OS-000480

Rule Version

SOL-11.1-040410

Severity

CAT I

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

The root role is required.

Modify the /etc/pam.d/gdm-autologin file.

# pfedit /etc/pam.d/gdm-autologin

Locate the lines:

auth required pam_unix_cred.so.1
auth sufficient pam_allow.so.1
account sufficient pam_allow.so.1

Change the lines to read:

#auth required pam_unix_cred.so.1
#auth sufficient pam_allow.so.1
#account sufficient pam_allow.so.1

Check Contents

Determine if autologin is enabled for the GNOME desktop.

# egrep "auth|account" /etc/pam.d/gdm-autologin | grep -vc ^#

If the command returns other than "0", this is a finding.

Vulnerability Number

V-216359

Documentable

False

Rule Version

SOL-11.1-040410

Severity Override Guidance

Determine if autologin is enabled for the GNOME desktop.

# egrep "auth|account" /etc/pam.d/gdm-autologin | grep -vc ^#

If the command returns other than "0", this is a finding.

Check Content Reference

Target Key

4022

The system must not allow autologin capabilities from the GNOME desktop.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments