AIX7-00-001029 - AIX must provide xlock command in the CDE environment to let users retain their sessions lock until users are reauthenticated.

Information

All systems are vulnerable if terminals are left logged in and unattended. Leaving system terminals unsecure poses a potential security hazard.

If the interface is AIXwindows (CDE), use the xlock command to lock the sessions.

Solution

Install 'X11.apps.clients' fileset from the AIX DVD Volume 1 using the following command (assuming that the DVD is mounted to/dev/cd0):

# installp -aXYgd /dev/cd0 -e /tmp/install.log X11.apps.clients

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_IBM_AIX_7-x_V2R9_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-11b., CAT|II, CCI|CCI-000056, Rule-ID|SV-215188r508663_rule, STIG-ID|AIX7-00-001029, STIG-Legacy|SV-101331, STIG-Legacy|V-91231, Vuln-ID|V-215188

Plugin: Unix

Control ID: a1c2e5ca76a48932401e980901d6b965f14f98557dc386c8b6201aa51c6d1d44