InformationIf the GNOME display manager is being utilized than the screen package must be installed so the security recommendations outlined for GNOME can execute. The Red Hat Enterprise Linux operating system must have the screen package installed.
A session time-out (screen lock and screensaver) is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system and either logs out or does not log out because of the temporary nature of the absence.
The screen and tmux packages allow for a session lock to be implemented and configured.
SolutionInstall the screen package to allow the initiation of a user screen lock or a screensaver lock after a 15-minute period of inactivity.
Install the screen program (if it is not on the system) with the following command:
# yum install screen
Install the tmux program (if it is not on the system) with the following command:
#yum install tmux
The information system initiates a session lock after the organization-defined time period of inactivity.
This Benchmark Recommendation maps to:
Red Hat Enterprise Linux 7 Security Technical Implementation Guide:
Version 2, Release: 3 Benchmark Date: 26 Apr 2019
Vul ID: V-71897
Rule ID: SV-86521r3_rule
STIG ID: RHEL-07-010090
Severity: CAT II