Prompt Password for all open sessionsID: oval:org.secpod.oval:def:44326 | Date: (C)2018-02-21 (M)2023-07-04 |
Class: COMPLIANCE | Family: macos |
The sudo command must be configured to prompt for the administrator user's password at least once in each newly opened Terminal window or remote login session, as this prevents a malicious user from taking advantage of an unlocked computer or an abandoned login session to bypass the normal password prompt requirement. Without the tty_tickets option, all open local and remote login sessions would be authenticated to use sudo without a password for the duration of the configured password timeout window.
Platform: |
Apple Mac OS X 10.13 |