{"description": "By default, <tt>GNOME</tt> disables WIFI notification. This should be permanently set\nso that users do not connect to a wireless network when the system finds one.\nWhile useful for mobile devices, this setting should be disabled for all other systems.\nTo configure the system to disable the WIFI notification, add or set\n<tt>suppress-wireless-networks-available</tt> to <tt>true</tt> in\n<tt>/etc/dconf/db/local.d/00-security-settings</tt>. For example:\n<pre>[org/gnome/nm-applet]\nsuppress-wireless-networks-available=true\n</pre>\nOnce the settings have been added, add a lock to\n<tt>/etc/dconf/db/local.d/locks/00-security-settings-lock</tt> to prevent user modification.\nFor example:\n<pre>/org/gnome/nm-applet/suppress-wireless-networks-available</pre>\nAfter the settings have been set, run <tt>dconf update</tt>.", "rationale": "Wireless network connections should not be allowed to be configured by general\nusers on a given system as it could open the system to backdoor attacks.", "severity": "medium", "references": {"cui": ["3.1.16"]}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": "wireless network notification is enabled and not disabled", "ocil": "To ensure that wireless network notification is disabled, run the following command:\n<pre>$ gsettings get org.gnome.nm-applet suppress-wireless-networks-available</pre>\nIf properly configured, the output should be <tt>true</tt>.\nTo ensure that users cannot enable wireless notification, run the following:\n<pre>$ grep wireless-networks-available /etc/dconf/db/local.d/locks/*</pre>\nIf properly configured, the output should be\n<tt>/org/gnome/nm-applet/suppress-wireless-networks-available</tt>", "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": ["package[gdm]"], "cpe_platform_names": [], "inherited_cpe_platform_names": ["package_gdm"], "bash_conditional": null, "fixes": {}, "title": "Disable WIFI Network Notification in GNOME3", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/rule.yml", "template": null}