This is an old revision of the document!

5.5 Ensure root login is restricted to system console (Not Scored)

Level 1 - Server
Level 1 - Workstation 

The file /etc/securetty contains a list of valid terminals that may be logged in directly as root.

Since the system console has special properties to handle emergency situations, it is important to ensure that the console is in a physically secure location and that unauthorized consoles have not been defined.

# cat /etc/securetty

Remove entries for any consoles that are not in a physically secure location.