Detections
Analytics
UBTU-24-200043 - Ubuntu 24.04 LTS must conceal, via the session lock, information previously visible on the display with a publicly viewable image.
Warning! Audit Deprecated
This audit has been deprecated and will be removed in a future update.
View Next Audit VersionInformation
Setting the screensaver mode to blank-only conceals the contents of the display from passersby.Solution
Configure Ubuntu 24.04 LTS to prevent a user from overriding the picture-uri setting for graphical user interfaces.In the file "/etc/dconf/db/local.d/00-security-settings", add or update the following lines:
[org/gnome/desktop/screensaver]
picture-uri=''
Prevent user modification by adding the following line to "/etc/dconf/db/local.d/locks/00-security-settings-lock":
/org/gnome/desktop/screensaver/picture-uri
Update the dconf system databases:
$ sudo dconf update
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_CAN_Ubuntu_24-04_LTS_V1R3_STIG.zip
Item Details
Audit Name: DISA Canonical Ubuntu 24.04 LTS STIG v1r3
References: CAT|II, CCI|CCI-000060, Rule-ID|SV-274871r1107302_rule, STIG-ID|UBTU-24-200043, Vuln-ID|V-274871
Plugin: Unix
Control ID: f7bb0ec0bbfb34fbc2ea5d1ef7515384d296a6ec80561e38bd0e951a66c1f714