Applications published to users are not approved by the IAO/SA.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-16411	SUN0150	SV-17404r1_rule	ECSC-1	Medium

Description
Publishing applications to users via the Kiosk mode bypasses a login mode. Therefore, some applications may or may not provide security to identify and authorize users to the application. For instance, adding the xterm application provides users with access to a command-line interface from a Kiosk mode session. This is not ideal since users should not be able to access the server’s command line functionality. Therefore, only approved applications will be published to users.

Description

Publishing applications to users via the Kiosk mode bypasses a login mode. Therefore, some applications may or may not provide security to identify and authorize users to the application. For instance, adding the xterm application provides users with access to a command-line interface from a Kiosk mode session. This is not ideal since users should not be able to access the server’s command line functionality. Therefore, only approved applications will be published to users.

STIG	Date
Sun Ray 4 Policy STIG	2015-04-02

Details

Check Text ( C-17281r1_chk )
Request a copy of the documentation that lists all approved applications. If unapproved applications are published to users that are not on the list, this is a finding. If no list exists, this is a finding.

Fix Text (F-16436r1_fix)
Document and approve all published applications running on the Sun Ray network.