10.4 Restrict access to sys-suspend feature

Information

The /etc/default/sys-suspend settings control which users are allowed to use the syssuspend command to shut down the system.

Solution

Perform the following to implement the recommended state:
# cd /etc/default
# awk '/^PERMS=/ { $1 = "PERMS=-" }
{ print }' sys-suspend >sys-suspend.new
# mv sys-suspend.new sys-suspend
# pkgchk -f -n -p /etc/default/sys-suspend

See Also

https://workbench.cisecurity.org/files/614

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6(1)

Plugin: Unix

Control ID: 3175622ee154b06e3198729340546ba1e407f398113ea1f1577167ed53183670