GEN000000-LNX00620 - The /etc/securetty file must be group-owned by root, sys, or bin.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The securetty file contains the list of terminals permitting direct root logins. It must be protected from unauthorized modification.

Solution

Change the group-owner of /etc/securetty to root, sys, or bin.
Example:
# chgrp root /etc/securetty

See Also

http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R17_STIG.zip

Item Details

Audit Name: DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, CAT|II, CCI|CCI-000225, CSCv6|3.1, Group-ID|V-12038, Rule-ID|SV-37340r1_rule, STIG-ID|GEN000000-LNX00620

Plugin: Unix

Control ID: 96bff218d208b8e985e374ca3bf280352bd5f208c37033805cb89ac852986160