Remove list of users from the login screen of the GUI

Comments 1

In RHEL 6, when the server is up in run level 5, a list of users from /etc/passwd appears on the console. Building our first production boxes on RHEL 6, we were asked to remove this as the customer viewed it as a security issue for anyone with access to the VMWare console to be able to view all user accounts on the server.

I don't think this feature is needed and provides more of a risk to security than any benefits. This can be edited by going to opening /etc/gconf/gconf.xml.defaults/%gconf-tree.xml and change the boolean for disable_user_list from false to true. I'd like to see this removed in the RHEL 7.

Started 2012-02-20T15:05:34+00:00 by

evanss

Community Member 30 points

Responses

MG Active Contributor 111 points

21 February 2012 12:16 PM

Michael Grima

Completely agree. It is a security concern to list all user accounts on the system.

While you can run that command to hide the user list, it has a nasty side effect in that it kills GDM smart-card login support. Thus, if you utilize smart cards for logging into the system, you can't disable the user list.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories

Remove list of users from the login screen of the GUI

Responses