Differences
This shows you the differences between two versions of the page.
|
centos7:5:5 [2017/05/04 17:46] |
centos7:5:5 [2017/05/04 17:46] (current) |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | ======5.5 Ensure root login is restricted to system console (Not Scored)====== | ||
| + | =====Profile Applicability===== | ||
| + | <code> | ||
| + | Level 1 - Server | ||
| + | Level 1 - Workstation | ||
| + | </code> | ||
| + | =====Description===== | ||
| + | The file ''/etc/securetty'' contains a list of valid terminals that may be logged in directly as root. | ||
| + | |||
| + | =====Rationale===== | ||
| + | Since the system console has special properties to handle emergency situations, it is important to ensure that the console is in a physically secure location and that unauthorized consoles have not been defined. | ||
| + | |||
| + | =====Audit===== | ||
| + | <Code:bash> | ||
| + | # cat /etc/securetty | ||
| + | </Code> | ||
| + | |||
| + | =====Remediation===== | ||
| + | Remove entries for any consoles that are not in a physically secure location. | ||
