CCE-90886-3Platform: rhel7 | Date: (C)2017-06-29 (M)2022-10-10 |
Disable the GNOME3 Login User List
In the default graphical environment, users logging
directly into the system are greeted with a login screen that displays
all known users. This functionality should be disabled.
The 'disable-user-list' setting must be
set under an appropriate configuration file(s) in the '/etc/dconf/db/gdm.d' directory
and locked in '/etc/dconf/db/gdm.d/locks' directory to prevent user modification.
After the settings have been set, run 'dconf update'.
Parameter:
Technical Mechanism:
Leaving the user list enabled is a security risk since it allows anyone
with physical access to the system to quickly enumerate known user accounts
without logging in.
Fix:
No Remediation Info
CCSS Severity: | CCSS Metrics: |
CCSS Score : | Attack Vector: |
Exploit Score: | Attack Complexity: |
Impact Score: | Privileges Required: |
Severity: | User Interaction: |
Vector: | Scope: |
| Confidentiality: |
| Integrity: |
| Availability: |
| |
References: