Block Plugins by Default

An XCCDF Rule

Details
Profiles

Description

By default, websites are allowed to automatically run plugins. Users should be prompted to allow plugins to execute plugins by setting DefaultPluginsSetting to 3 in the Chromium policy file.

Rationale

Websites should not be allowed to automatically run plugins as the plugins may be outdated or compromised.

ID: xccdf_org.ssgproject.content_rule_chromium_default_block_plugins
Severity: Unknown
References: DTBC0040
Updated: over 1 year ago

Remediation Templates

if ! grep -q DefaultPluginsSetting /etc/chromium/policies/managed/chrome_stig_policy.json; then
   sed -i -e '/{/a \  "'DefaultPluginsSetting'": '3',' /etc/chromium/policies/managed/chrome_stig_policy.json
else
   sed -i -e 's/\"'DefaultPluginsSetting'.*/\"'DefaultPluginsSetting'\": '3',/g' /etc/chromium/policies/managed/chrome_stig_policy.json
fi

Block Plugins by Default

Description

Rationale

Remediation Templates

A Shell Script