STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 4 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide

V-769

CAT II (Medium)

The root user must not own the logon session for an application requiring a continuous display.

Rule ID

SV-44858r1_rule

STIG

SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide

Version

V1R12

CCIs

CCI-000225

Discussion

If an application is providing a continuous display and is running with root privileges, unauthorized users could interrupt the process and gain root access to the system.

Check Content

If there is an application running on the system continuously in use (such as a network monitoring application), ask the SA what the name of the application is.
Verify documentation exists for the requirement and justification of the application. If no documentation exists, this is a finding.
Execute "ps -ef | more" to determine which user owns the process(es) associated with the application. If the owner is root, this is a finding.

Fix Text

Configure the system so the owner of a session requires a continuous screen display, such as a network management display, is not root. Ensure the display is also located in a secure, controlled access area. Document and justify this requirement and ensure the terminal and keyboard for the display (or workstation) are secure from all but authorized personnel by maintaining them in a secure area, in a locked cabinet where a swipe card, or other positive forms of identification, must be used to gain entry.