STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 10 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Solaris 11 X86 Security Technical Implementation Guide

V-216122

CAT I (High)

The system must not allow autologin capabilities from the GNOME desktop.

Rule ID

SV-216122r959010_rule

STIG

Solaris 11 X86 Security Technical Implementation Guide

Version

V3R5

CCIs

CCI-000366

Discussion

As automatic logins are a known security risk for other than "kiosk" types of systems, GNOME automatic login should be disabled in pam.conf.

Check Content

Determine if autologin is enabled for the GNOME desktop.

# egrep "auth|account" /etc/pam.d/gdm-autologin | grep -vc ^#

If the command returns other than "0", this is a finding.

Fix Text

The root role is required.

Modify the /etc/pam.d/gdm-autologin file.

# pfedit /etc/pam.d/gdm-autologin

Locate the lines:

auth required pam_unix_cred.so.1
auth sufficient pam_allow.so.1
account sufficient pam_allow.so.1

Change the lines to read:

#auth required pam_unix_cred.so.1
#auth sufficient pam_allow.so.1
#account sufficient pam_allow.so.1