Details

The operating system must not allow an unattended or automatic logon to the system via a graphical user interface.

Rationale:

Failure to restrict system unattended or automatic logon to the system negatively impacts operating system security.

Solution

Configure the operating system to not allow an unattended or automatic logon to the system via a graphical user interface.
Add or edit the line for the AutomaticLoginEnable parameter in the [daemon] section of the /etc/gdm/custom.conf file to false:
Example: vim /etc/gdm/custom.conf

[daemon]
AutomaticLoginEnable=false

Notes:

This Benchmark recommendation maps to:

Red Hat Enterprise Linux 7 Security Technical Implementation Guide:

Version 2, Release: 3 Benchmark Date: 26 Apr 2019

Vul ID: V-71953

Rule ID: SV-86577r2_rule

STIG ID: RHEL-07-010440

Severity: CAT I

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/2688https://workbench.cisecurity.org/files/2688

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.

References

• 800-53|CM-6b.

Source

• Tenable.com/audits