RHEL 9 must prevent users from disabling session control mechanisms.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-258067	RHEL-09-412030	SV-258067r926188_rule		Low

Description
The session lock is implemented at the point where session activity can be determined. Rather than be forced to wait for a period of time to expire before the user session can be locked, RHEL 9 must provide users with the ability to manually invoke a session lock so users can secure their session if it is necessary to temporarily vacate the immediate physical vicinity. Satisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000028-GPOS-00009

Description

The session lock is implemented at the point where session activity can be determined. Rather than be forced to wait for a period of time to expire before the user session can be locked, RHEL 9 must provide users with the ability to manually invoke a session lock so users can secure their session if it is necessary to temporarily vacate the immediate physical vicinity. Satisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000028-GPOS-00009

STIG	Date
Red Hat Enterprise Linux 9 Security Technical Implementation Guide	2023-12-01

Details

Check Text ( C-61808r926186_chk )
Verify RHEL 9 prevents users from disabling the tmux terminal multiplexer with the following command: $ grep -i tmux /etc/shells If any output is produced, this is a finding.

Fix Text (F-61732r926187_fix)
Configure RHEL 9 to prevent users from disabling the tmux terminal multiplexer by editing the "/etc/shells" configuration file to remove any instances of tmux.