3.2.1.2 system account lockdown - bin login

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

This change disables direct login access for the bin user account.

This change disables direct local and remote login to the bin user account. It is recommended that a password is not set on this account to ensure that the only access is via su from the root account.

There should not be a requirement to log in as the bin user directly. All users should be given unique logon ids to ensure traceability and accountability.

Solution

Change the login and remote login user flags to disable bin user access-

chuser login=false rlogin=false bin

See Also

https://workbench.cisecurity.org/files/528