STIGQter: STIG Summary: Solaris 10 SPARC Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

The system must display a publicly-viewable pattern during a graphical desktop environment session lock.

DISA Rule

SV-226453r603265_rule

Vulnerability Number

V-226453

Group Title

SRG-OS-000029

Rule Version

GEN000510

Severity

CAT III

CCI(s)

• CCI-000057 - The information system initiates a session lock after the organization-defined time period of inactivity.

Weight

10

Fix Recommendation

Edit the /etc/dt/config/C/sys.resources file and add/edit the following lines, using 15 for the saverTimeout, and using StartDtscreenBlank for the saverList.

dtsession*saverTimeout: 15
dtsession*saverList: StartDtscreenBlank

Check Contents

Determine if a publicly-viewable pattern is displayed during a session lock. If the session lock pattern is not publicly-viewable, this is a finding.

Acceptable checks for settings.

# grep -i dtsession /etc/dt/config/C/sys.resources | egrep -i "saverList|saverTimeout"

The saverTimeout value should be 15 (see GEN000500).
The saverList value of StartDtscreenBlank is an acceptable screensaver.

Vulnerability Number

V-226453

Documentable

False

Rule Version

GEN000510

Severity Override Guidance

Determine if a publicly-viewable pattern is displayed during a session lock. If the session lock pattern is not publicly-viewable, this is a finding.

Acceptable checks for settings.

# grep -i dtsession /etc/dt/config/C/sys.resources | egrep -i "saverList|saverTimeout"

The saverTimeout value should be 15 (see GEN000500).
The saverList value of StartDtscreenBlank is an acceptable screensaver.

Check Content Reference

M

Target Key

4060

Comments