9.4 Restrict root Login to System Console - Review

Information

The file /etc/securetty contains a list of valid terminals that may be logged in directly as
root.

*Rationale*

Since the system console has special properties to handle emergency situations, it is
important to ensure that the console is in a physically secure location and that
unauthorized consoles have not been defined.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Remove entries for any consoles that are not in a physically secure location.

See Also

https://workbench.cisecurity.org/files/91

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6(3)

Plugin: Unix

Control ID: dd68a51009dd8bdeaaf2f8ec596aaa02c19666803f17c73c05e580a17e503f3a