OL6-00-000027 – The system must prevent the root account from logging in from virtual consoles.

Details

Preventing direct root login to virtual console devices helps ensure accountability for actions taken on the system using the root account.

Solution

To restrict root logins through the (deprecated) virtual console devices, ensure lines of this form do not appear in ‘/etc/securetty’:

vc/1
vc/2
vc/3
vc/4

Note: Virtual console entries are not limited to those listed above. Any lines starting with ‘vc/’ followed by numerals should be removed.

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_6_V1R18_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system Unix.

References

800-53|IA-2(5)
CAT|II
CCI|CCI-000770
Group-ID|V-50721
Rule-ID|SV-208804r603263_rule
STIG-ID|OL6-00-000027
STIG-Legacy|SV-64927
STIG-Legacy|V-50721
Vuln-ID|V-208804

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles