OL08-00-010152 – OL 8 operating systems must require authentication upon booting into emergency mode.

Details

If the system does not require valid root authentication before it boots into emergency or rescue mode, anyone who invokes emergency or rescue mode is granted privileged access to all files on the system.

Solution

Configure the system to require authentication upon booting into emergency mode by adding the following line to the ‘/usr/lib/systemd/system/emergency.service’ file:

ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_8_V1R1_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.

References

800-53|AC-3
CAT|II
CCI|CCI-000213
Rule-ID|SV-248542r779192_rule
STIG-ID|OL08-00-010152
Vuln-ID|V-248542

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles