Detections
Analytics

1.4.4 Ensure the operating system requires authentication upon booting into emergency mode

Information

The operating system must require authentication upon booting into emergency mode.

If the system does not require valid root authentication before it boots into emergency or rescue mode, anyone who invokes emergency or rescue mode is granted privileged access to all files on the system.

Solution

Configure the system to require authentication upon booting into emergency mode by adding the following line to the "/usr/lib/systemd/system/emergency.service" file.

ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency

See Also

https://workbench.cisecurity.org/benchmarks/19886

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-3, CAT|II, CSCv7|4.4, Rule-ID|SV-244523r743818_rule, Vuln-ID|V-244523

Plugin: Unix

Control ID: b3072701df37f246b2edcfe82549422cb980c8530374c8cc1942ea0e4ae0cc93