STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Canonical Ubuntu 24.04 LTS Security Technical Implementation Guide

V-274871

CAT II (Medium)

Ubuntu 24.04 LTS must conceal, via the session lock, information previously visible on the display with a publicly viewable image.

Rule ID

SV-274871r1107302_rule

STIG

Canonical Ubuntu 24.04 LTS Security Technical Implementation Guide

Version

V1R5

CCIs

CCI-000060

Discussion

Setting the screensaver mode to blank-only conceals the contents of the display from passersby.

Check Content

Note: This requirement assumes the use of the Ubuntu 24.04 LTS default graphical user interface, the GNOME desktop environment. If the system does not have any graphical user interface installed, this requirement is Not Applicable.

To verify the screensaver is configured to be blank, run the following command:

$ gsettings writable org.gnome.desktop.screensaver picture-uri
 
false
 
If "picture-uri" is writable and the result is "true", this is a finding.

Fix Text

Configure Ubuntu 24.04 LTS to prevent a user from overriding the picture-uri setting for graphical user interfaces.

In the file "/etc/dconf/db/local.d/00-security-settings", add or update the following lines:

[org/gnome/desktop/screensaver]
picture-uri=''

Prevent user modification by adding the following line to "/etc/dconf/db/local.d/locks/00-security-settings-lock":

/org/gnome/desktop/screensaver/picture-uri

Update the dconf system databases:

$ sudo dconf update