Detections
Analytics
GEN000850 - The system must restrict the ability to switch to the root user to members of a defined group.
Information
Configuring a supplemental group for users permitted to switch to the root user prevents unauthorized users from accessing the root account, even with knowledge of the root credentials.Solution
Edit /etc/pam.d/su and uncomment or add a line such as 'auth required pam_wheel.so'. If necessary, create a 'wheel' group and add administrative users to the group.See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_5_V2R1_STIG.zip
Item Details
Audit Name: DISA STIG for Oracle Linux 5 v2r1
Category: ACCESS CONTROL
References: 800-53|AC-2c., 800-53|AC-3(7), CAT|III, CCI|CCI-000009, CCI|CCI-002169, Rule-ID|SV-218243r603259_rule, STIG-ID|GEN000850, STIG-Legacy|SV-64327, STIG-Legacy|V-22308, Vuln-ID|V-218243
Plugin: Unix
Control ID: 778a554deaf0b87d4ac23adafc2e09abca900d8e5c8a1b36f61a279ae6443e9a