UBTU-16-010330 - Unattended or automatic login via the Graphical User Interface must not be allowed - autologin-user

Information

Failure to restrict system access to authenticated users negatively impacts Ubuntu operating system security.

Solution

Configure the Graphical User Interface to not allow unattended or automatic login to the system.

Comment or remove the following lines in '/etc/lightdm/lightdm.conf' file:

#autologin-user=<username>
#autologin-user-timeout=0

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_CAN_Ubuntu_16-04_LTS_V2R3_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|I, CCI|CCI-000366, Rule-ID|SV-214972r610931_rule, STIG-ID|UBTU-16-010330, STIG-Legacy|SV-90175, STIG-Legacy|V-75495, Vuln-ID|V-214972

Plugin: Unix

Control ID: 1e5d8beda6ff8fc51bbe9053a8afea2f9eb4bdb12223ed75051583cd045a61c8