All systems are vulnerable if terminals are left logged in and unattended. The most serious problem occurs when a system manager leaves a terminal unattended that has been enabled with root authority. In general, users should log out anytime they leave their terminals.
You can force a terminal to log out after a period of inactivity by setting the TMOUT and TIMEOUT parameters in the /etc/profile file. The TMOUT parameter works in the ksh (Korn) shell, and the TIMEOUT parameter works in the bsh (Bourne) shell.
The following example, taken from a .profile file, forces the terminal to log out after an hour of inactivity:
TO=3600 echo "Setting Autologout to $TO" TIMEOUT=$TO TMOUT=$TO export TIMEOUT TMOUT
Note: You can override the TMOUT and TIMEOUT values in the /etc/profile file by specifying different values in the .profile file in your home directory.