Skip to content

Shell security controls

Control : SHLL-6202

Consoles should be protected by only allowing access to single user mode by means of password authentication. Check consoles in /etc/ttys and adjust the related console with parameter 'secure' and mark them as 'insecure'.

Control : SHLL-6220

Depending on security requirements, idle sessions should be appropriately checked and dealt with.

Control : SHLL-6290

When this control shows up, Bash is vulnerable for one or more Shellshock related issues.