Skip to content

The Red Hat Enterprise Linux operating system must disable the login screen user list for graphical user interfaces.

An XCCDF Rule

Description

<VulnDiscussion>Leaving the user list enabled is a security risk as it allows anyone with physical access to the system to enumerate known user accounts without authenticated access to the system.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-256969r902690_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Configure the operating system to disable the login screen user list for graphical user interfaces.

Create or edit the gdm profile in "/etc/dconf/profile/" to contain the following lines:

     $ sudo vi /etc/dconf/profile/gdm