The .Xauthority utility must only permit access to authorized hosts.
| Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-216078 | SRG-OS-000480 | SOL-11.1-020550 | SV-216078r959010_rule | 2026-02-19 | 3 |
Description
If unauthorized clients are permitted access to the X server, a user's X session may be compromised.
Check
If X Display Manager (XDM) is not used on the system, this is not applicable.
Determine if XDM is running.
Procedure:
# ps -ef | grep xdm
Check that X Window System access is limited to authorized clients.
Procedure:
# xauth
xauth> list
Ask the SA if the clients listed are authorized.
If any are not, this is a finding.
Fix
Remove unauthorized clients from the xauth configuration.
Procedure:
# xauth remove <display name>
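
The comparison in the Check procedure can be scripted once the SA has written down which clients are authorized. The following is an added example, not part of the STIG text: the allowlist file format, the function names and the sample host names and cookies are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not STIG text): flag xauth entries missing from an allowlist.
# Assumption: the allowlist holds one display name per line, written exactly
# as it appears in the first column of `xauth list`.

# unauthorized_displays ALLOWLIST
# Reads `xauth list` output on stdin and prints every display name that is
# not in ALLOWLIST. Only column 1 is printed, so cookie values never reach
# the terminal or a log file.
unauthorized_displays() {
    [ -r "$1" ] || { echo "allowlist not readable: $1" >&2; return 2; }
    awk -v allow="$1" '
        BEGIN {
            while ((getline line < allow) > 0) {
                gsub(/[ \t\r]/, "", line)
                if (line != "") ok[line] = 1
            }
            close(allow)
        }
        # An xauth row is: display name, protocol name, hex key.
        NF >= 3 && !($1 in ok) { print $1 }
    '
}

# demo: run the check on constructed data (host names and cookies are made up).
demo() {
    allow=$(mktemp) || return 1
    printf '%s\n' 'sol11a/unix:0' 'sol11a:0' > "$allow"
    unauthorized_displays "$allow" <<'EOF'
sol11a/unix:0  MIT-MAGIC-COOKIE-1  00112233445566778899aabbccddeeff
sol11a:0  MIT-MAGIC-COOKIE-1  00112233445566778899aabbccddeeff
buildhost9:10  MIT-MAGIC-COOKIE-1  ffeeddccbbaa99887766554433221100
EOF
    rc=$?
    rm -f "$allow"
    return "$rc"
}

demo    # prints: buildhost9:10
```

On a live system, feed it the real listing with `xauth list | unauthorized_displays /path/to/allowlist` (placeholder path). Each name it prints is a candidate for `xauth remove` once the SA confirms the client is not authorized.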