Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Red Hat Enterprise Linux 8 Security Technical Implementation Guide
SRG-OS-000118-GPOS-00060
RHEL 8 account identifiers (individuals, groups, roles, and devices) must be disabled after 35 days of inactivity.
RHEL 8 account identifiers (individuals, groups, roles, and devices) must be disabled after 35 days of inactivity.
An XCCDF Rule
Details
Profiles
Prose
RHEL 8 account identifiers (individuals, groups, roles, and devices) must be disabled after 35 days of inactivity.
Medium Severity
<VulnDiscussion>Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potentially obtain undetected access to the system. Owners of inactive accounts will not notice if unauthorized access to their user account has been obtained. RHEL 8 needs to track periods of inactivity and disable application identifiers after 35 days of inactivity.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>