I believe the intent here is to protect non-GUI console sessions, because they do not have a screensaver that can lock.
The primary purpose of this is probably for servers, not desktops, but even desktops can be used in a console session by changing which virtual console you are using (the GUI is usually on console 7). You can switch consoles by pressing Ctrl+Alt+F{1-7}. (The "Ctrl" is only necessary when you are in the GUI; if you are already in a non-GUI console, you can just use Alt+F{1-7}.) Moshe -- Moshe Katz mmk...@umd.edu (301) 867-3732 <http://stackexchange.com/users/440421> On Wed, Nov 18, 2020 at 8:51 AM Judah Milgram <milg...@cgpp.com> wrote: > Indirectly related to the bash question, my network overlords have > implemented this directive: > > > https://www.stigviewer.com/stig/red_hat_enterprise_linux_7/2018-11-28/finding/V-72223 > > Short version: export TMOUT=600 in /etc/profile, and set it read only. > > My question: is this a real security issue? How can the bad guy "take > control" of a console session, without sitting down at my computer? > Wouldn't a screen locker serve just as well? > > Or is this only about network connections? > > And what's a "management session"? > > Grateful for any enlightenment. > > thanks! > Judah > > -- > Judah Milgram > milg...@cgpp.com > 301-257-7069 > > You received this email because you are subscribed to the UM Linux User's > Group (UM-LINUX) mailing list. If you would like to unsubscribe from this > list, simply send an email to lists...@listserv.umd.edu with the message > signoff UM-LINUX in the body. > You received this email because you are subscribed to the UM Linux User's Group (UM-LINUX) mailing list. If you would like to unsubscribe from this list, simply send an email to lists...@listserv.umd.edu with the message signoff UM-LINUX in the body.