UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

RHEL 9 must prevent users from disabling session control mechanisms.


Overview

Finding ID Version Rule ID IA Controls Severity
V-258067 RHEL-09-412030 SV-258067r926188_rule Low
Description
The session lock is implemented at the point where session activity can be determined. Rather than be forced to wait for a period of time to expire before the user session can be locked, RHEL 9 must provide users with the ability to manually invoke a session lock so users can secure their session if it is necessary to temporarily vacate the immediate physical vicinity. Satisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000028-GPOS-00009
STIG Date
Red Hat Enterprise Linux 9 Security Technical Implementation Guide 2024-02-19

Details

Check Text ( C-61808r926186_chk )
Verify RHEL 9 prevents users from disabling the tmux terminal multiplexer with the following command:

$ grep -i tmux /etc/shells

If any output is produced, this is a finding.
Fix Text (F-61732r926187_fix)
Configure RHEL 9 to prevent users from disabling the tmux terminal multiplexer by editing the "/etc/shells" configuration file to remove any instances of tmux.