From f643b41c96c3551cdd6035f77e95c49c6f74e5ed Mon Sep 17 00:00:00 2001 From: Gabriel Becker Date: Tue, 15 Sep 2020 17:33:30 +0200 Subject: [PATCH] Update accounts_tmout rule with regards to latest RHEL7 STIG revision. - Select 15 minutes as new timeout value. - Fix CCI and SRG identifiers. --- .../system/accounts/accounts-session/accounts_tmout/rule.yml | 4 ++-- rhel7/profiles/stig.profile | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml index eb64b12e51..ef06735283 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml @@ -26,11 +26,11 @@ identifiers: references: stigid@ol7: OL07-00-040160 cui: 3.1.11 - disa: CCI-000361,CCI-001133 + disa: CCI-002361,CCI-001133 nist: AC-12,SC-10,AC-2(5),CM-6(a) nist-csf: PR.AC-7 ospp: FMT_MOF_EXT.1 - srg: SRG-OS-000163-GPOS-00072 + srg: SRG-OS-000163-GPOS-00072,SRG-OS-000029-GPOS-00010 vmmsrg: SRG-OS-000163-VMM-000700,SRG-OS-000279-VMM-001010 stigid@rhel7: RHEL-07-040160 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.5,SR 1.7,SR 1.8,SR 1.9' diff --git a/rhel7/profiles/stig.profile b/rhel7/profiles/stig.profile index bb4af878a7..93e14eecf6 100644 --- a/rhel7/profiles/stig.profile +++ b/rhel7/profiles/stig.profile @@ -47,7 +47,7 @@ selections: - var_accounts_user_umask=077 - var_password_pam_retry=3 - var_accounts_max_concurrent_login_sessions=10 - - var_accounts_tmout=10_min + - var_accounts_tmout=15_min - var_time_service_set_maxpoll=system_default - sysctl_net_ipv4_conf_all_accept_source_route_value=disabled - sysctl_net_ipv4_conf_default_accept_source_route_value=disabled