CCE-90767-5Platform: rhel7 | Date: (C)2017-06-29 (M)2022-10-10 |
Disable GNOME3 Automounting
The system's default desktop environment, GNOME3, will mount
devices and removable media (such as DVDs, CDs and USB flash drives) whenever
they are inserted into the system. To disable automount and autorun within GNOME3,
the 'automount', 'automount-open', and 'autorun-never' settings must be set
under an appropriate configuration file(s) in the '/etc/dconf/db/local.d' directory
and locked in '/etc/dconf/db/local.d/locks' directory to prevent user modification.
After the settings have been set, run 'dconf update'.
Parameter:
Technical Mechanism:
Disabling automatic mounting in GNOME3 can prevent
the introduction of malware via removable media.
It will, however, also prevent desktop users from legitimate use
of removable media.
Fix:
No Remediation Info
CCSS Severity: | CCSS Metrics: |
CCSS Score : | Attack Vector: |
Exploit Score: | Attack Complexity: |
Impact Score: | Privileges Required: |
Severity: | User Interaction: |
Vector: | Scope: |
| Confidentiality: |
| Integrity: |
| Availability: |
| |
References: