GEN000000-LNX00620 - The /etc/securetty file must be group-owned by root, sys, or bin.

Information

The securetty file contains the list of terminals permitting direct root logins. It must be protected from unauthorized modification.

Solution

Change the group-owner of /etc/securetty to root, sys, or bin.
Example:
# chgrp root /etc/securetty

See Also

http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip

Item Details

Audit Name: DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit

Category: ACCESS CONTROL

References: 800-53|AC-6, CAT|II, CCI|CCI-000225, Group-ID|V-12038, Rule-ID|SV-37340r1_rule, STIG-ID|GEN000000-LNX00620, Vuln-ID|V-12038

Plugin: Unix

Control ID: cb8940d7d016869c1a118c73850e093ab0d7ebe3915b459ed4f8563f5b236532