Detections
Analytics
GEN001020 - The root account must not be used for direct logins.
Information
Direct login with the root account prevents individual user accountability. Acceptable non-routine uses of the root account for direct login are limited to emergency maintenance, the use of single-user mode for maintenance, and situations where individual administrator accounts are not available.Solution
Enforce policy requiring all root account access is attained by first logging into a user account and then becoming root (using su, for example).See Also
https://iasecontent.disa.mil/stigs/zip/U_AIX_6-1_V1R14_STIG.zip
Item Details
Audit Name: DISA STIG AIX 6.1 v1r14
Category: IDENTIFICATION AND AUTHENTICATION
References: 800-53|IA-2(5), CAT|II, CCI|CCI-000770, Group-ID|V-11979, Rule-ID|SV-40787r1_rule, STIG-ID|GEN001020, Vuln-ID|V-11979
Plugin: Unix
Control ID: e5ca807ea8ad25bed0f57146d3fc9f7d3620455b9bb2b87d3eadb02a89431646