STIGQter: STIG Summary: SUSE Linux Enterprise Server 15 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021:

The SUSE operating system must utilize vlock to allow for session locking.

DISA Rule

SV-234811r622137_rule

Vulnerability Number

V-234811

Group Title

SRG-OS-000028-GPOS-00009

Rule Version

SLES-15-010110

Severity

CAT III

CCI(s)

• CCI-000056 - The information system retains the session lock until the user reestablishes access using established identification and authentication procedures.
• CCI-000060 - The information system conceals, via the session lock, information previously visible on the display with a publicly viewable image.
• CCI-000058 - The information system provides the capability for users to directly initiate session lock mechanisms.

Weight

10

Fix Recommendation

Allow users to lock the console by installing the "kbd" package using zypper:

> sudo zypper install kbd

Check Contents

Check that the SUSE operating system has the "vlock" package installed by running the following command:

> zypper search --installed-only --match-exact --provides vlock

If the command outputs "no matching items found", this is a finding.

Vulnerability Number

V-234811

Documentable

False

Rule Version

SLES-15-010110

Severity Override Guidance

Check that the SUSE operating system has the "vlock" package installed by running the following command:

> zypper search --installed-only --match-exact --provides vlock

If the command outputs "no matching items found", this is a finding.

Check Content Reference

M

Target Key

5274

Comments