Detections
Analytics

1.239 RHEL-09-271020

Information

RHEL 9 must disable the graphical user interface automount function unless required.

GROUP ID: V-258014
RULE ID: SV-258014r1045084

Automatically mounting file systems permits easy introduction of unknown devices, thereby facilitating malicious activity.

Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163, SRG-OS-000480-GPOS-00227

Solution

Configure the GNOME desktop to disable automated mounting of removable media.

The dconf settings can be edited in the /etc/dconf/db/* location.

Update the [org/gnome/desktop/media-handling] section of the "/etc/dconf/db/local.d/00-security-settings" database file and add or update the following lines:

[org/gnome/desktop/media-handling]
automount-open=false

Then update the dconf system databases:

$ sudo dconf update

See Also

https://workbench.cisecurity.org/benchmarks/22008

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-3, CAT|II, CCI|CCI-000778, CCI|CCI-001958, Rule-ID|SV-258014r1045084_rule, STIG-ID|RHEL-09-271020, Vuln-ID|V-258014

Plugin: Unix

Control ID: 525a575178ca48c3e6da1cb21584070ab3c62c8a6900cebfa48b64e03fa5b357