RHEL 9 must prevent users from disabling session control mechanisms.

STIG ID: RHEL-09-412030  |  SRG: SRG-OS-000324-GPOS-00125 | Severity: low |  CCI: CCI-000056,CCI-002235

Vulnerability Discussion

The session lock is implemented at the point where session activity can be determined. Rather than be forced to wait for a period of time to expire before the user session can be locked, RHEL 9 must provide users with the ability to manually invoke a session lock so users can secure their session if it is necessary to temporarily vacate the immediate physical vicinity.

Satisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000028-GPOS-00009

Check

Verify RHEL 9 prevents users from disabling the tmux terminal multiplexer with the following command:

$ grep -i tmux /etc/shells

If any output is produced, this is a finding.

Fix

Configure RHEL 9 to prevent users from disabling the tmux terminal multiplexer by editing the "/etc/shells" configuration file to remove any instances of tmux.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.