Disable Incognito Mode
An XCCDF Rule
Description
Incognito Mode allows users to browse in private which prevents monitoring and validating user browsing habits. This capability should be disabled by settingIncognitoModeAvailability to 1 in the Chromium
policy file.
Rationale
Incognito mode allows the user to browse the Internet without recording their browsing history/activity. From a forensics perspective, this is unacceptable. Best practice requires that browser history is retained.
- ID
- xccdf_org.ssgproject.content_rule_chromium_disable_incognito_mode
- Severity
- Unknown
- References
- Updated
Remediation Templates
A Shell Script
if ! grep -q IncognitoModeAvailability /etc/chromium/policies/managed/chrome_stig_policy.json; then
sed -i -e '/{/a \ "'IncognitoModeAvailability'": 'false',' /etc/chromium/policies/managed/chrome_stig_policy.json
else
sed -i -e 's/\"'IncognitoModeAvailability'.*/\"'IncognitoModeAvailability'\": 'false',/g' /etc/chromium/policies/managed/chrome_stig_policy.json
fi