Detections
Analytics

5.6 Ensure root login is restricted to system console

Information

The file /etc/securetty contains a list of valid terminals that may be logged in directly as root.

Rationale:

Since the system console has special properties to handle emergency situations, it is important to ensure that the console is in a physically secure location and that unauthorized consoles have not been defined.

Solution

Remove entries for any consoles that are not in a physically secure location.

See Also

https://workbench.cisecurity.org/files/3144

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, CSCv6|5.1, CSCv7|5.1

Plugin: Unix

Control ID: d0912e95513718c480e8ad28b924a2dd81ef309209ded87380bf09eb5403faf1