Check: PHTN-67-000054
VMware vSphere 6.7 Photon OS STIG: PHTN-67-000054 (in versions v1 r6 through v1 r1)
Title
The Photon operating system must set an inactivity timeout value for non-interactive sessions. (Cat II impact)
Discussion
A session timeout is an action taken when a session goes idle for any reason. Rather than relying on the user to manually disconnect their session prior to going idle, the Photon operating system must be able to identify when a session has idled and take action to terminate the session.
Check Content
At the command line, execute the following command:

    # grep TMOUT /etc/bash.bashrc

Expected result:

    TMOUT=900
    readonly TMOUT
    export TMOUT

If the file does not exist or the output does not match the expected result, this is a finding.
Fix Text
Open /etc/bash.bashrc with a text editor and add the following to the end:

    TMOUT=900
    readonly TMOUT
    export TMOUT
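The check above can be scripted for repeated audits. The following is an added example, not part of the STIG text: the helper names check_tmout and make_samples are hypothetical, and the sample files it writes are constructed to show which deviations the strict comparison reports as findings.

```shell
#!/bin/sh
# Added example: audit helper for the PHTN-67-000054 check (not STIG text).

# Expected output of `grep TMOUT /etc/bash.bashrc`, as given in the check.
EXPECTED='TMOUT=900
readonly TMOUT
export TMOUT'

# check_tmout [FILE]: return 0 if compliant, 1 if a finding.
check_tmout() {
    file=${1:-/etc/bash.bashrc}
    if [ ! -f "$file" ]; then
        echo "FINDING: $file does not exist"
        return 1
    fi
    # Strict comparison: a different value, a commented-out line, a missing
    # readonly/export, or a second TMOUT assignment all change grep's output.
    actual=$(grep TMOUT "$file" || true)
    if [ "$actual" = "$EXPECTED" ]; then
        echo "PASS: $file"
        return 0
    fi
    echo "FINDING: $file has unexpected TMOUT settings:"
    printf '%s\n' "$actual" | sed 's/^/    /'
    return 1
}

# make_samples: write constructed sample files to a temp dir, print its path.
make_samples() {
    dir=$(mktemp -d)
    printf 'umask 027\nTMOUT=900\nreadonly TMOUT\nexport TMOUT\n' > "$dir/compliant"
    printf 'TMOUT=3600\nreadonly TMOUT\nexport TMOUT\n' > "$dir/long_timeout"
    printf '# TMOUT=900\nexport TMOUT\n' > "$dir/commented_out"
    printf 'TMOUT=900\nexport TMOUT\n' > "$dir/not_readonly"
    echo "$dir"
}

# Demo on the constructed samples (the "missing" file is never created).
samples=$(make_samples)
for name in compliant long_timeout commented_out not_readonly missing; do
    check_tmout "$samples/$name" || true
done
rm -rf "$samples"
```

Called with no argument, check_tmout audits /etc/bash.bashrc and its exit status can be used directly in a compliance job.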
Additional Identifiers
Rule ID: SV-239125r856043_rule
Vulnerability ID: V-239125
Group Title: SRG-OS-000279-GPOS-00109
CCIs
Number | Definition |
---|---|
CCI-002361 | The information system automatically terminates a user session after organization-defined conditions or trigger events requiring session disconnect. |
Controls
Number | Title |
---|---|
AC-12 | Session Termination |