When operating systems provide the capability to escalate a functional. Without reauthentication, users may access resources or perform tasks for which they do not have authorization. The Ubuntu operating system must require users to reauthenticate for privilege escalation or when changing roles. The Ubuntu operating system must disable the x86 Ctrl-Alt-Delete key sequence if a graphical user interface is installed. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create. The Ubuntu operating system must disable the x86 Ctrl-Alt-Delete key sequence.Ī locally logged-on user who presses Ctrl-Alt-Delete, when at the console, can reboot the system.
If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily. Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. The Ubuntu operating system must not have the telnet package installed. These unnecessary capabilities or services are often.
#Lts remote access for mac install#
It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. The Ubuntu operating system must not have the rsh-server package installed. Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. The Ubuntu operating system must use SSH to protect the confidentiality and integrity of transmitted information. The Ubuntu operating system must not allow unattended or automatic login via SSH.įailure to restrict system access to authenticated users negatively impacts Ubuntu operating system security. A System Administrator may have a stance in. The security risk of using X11 forwarding is that the client's X11 display server may be exposed to attack when the SSH client requests forwarding. The Ubuntu operating system must be configured so that remote X connections are disabled, unless to fulfill documented and validated mission requirements. The operating system must implement cryptographic modules adhering to the higher. Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. The Ubuntu operating system must implement NIST FIPS-validated cryptography to protect classified information and for the following: to provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. Without mapping the certificate used to authenticate to the user account, the ability to determine the identity of the individual user or group will not be available for forensic analysis. The Ubuntu operating system must map the authenticated identity to the user or group account for PKI-based authentication. Security functions are the hardware, software. The Ubuntu operating system must ensure only users who need access to security functions are part of sudo group.Īn isolation boundary provides access control and protects the integrity of the hardware, software, and firmware that perform security functions. To mitigate the risk of unauthorized access to sensitive information by entities that have been issued certificates by DoD-approved PKIs, all DoD systems (e.g., web servers and web portals) must.
Ubuntu operating systems when booted must require authentication upon booting into single-user and maintenance modes. Findings (MAC III - Administrative Sensitive) Finding ID
0 kommentar(er)
