The operating system must retain the session lock until the user reestablishes access using established identification and authentication procedures.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| RHEL-06-000373-PNF | RHEL-06-000373-PNF | RHEL-06-000373-PNF_rule | Medium |
| Description |
|---|
| A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the system but does not want to log out because of the temporary nature of the absence. Once invoked, the session lock shall remain in place until the user re-authenticates. No other system activity aside from re-authentication can unlock the system. |
| STIG | Date |
|---|---|
| Red Hat Enterprise Linux 6 Security Technical Implementation Guide | 2013-02-05 |
Details
| Check Text ( C-RHEL-06-000373-PNF_chk ) |
|---|
| RHEL6 supports this requirement and cannot be configured to be out of compliance. This is a permanent not a finding. |
| Fix Text (F-RHEL-06-000373-PNF_fix) |
|---|
| This requirement is a permanent not a finding. No fix is required. |