The system must prevent the root account from directly logging in except from the system console.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-778 | GEN000980 | SV-27143r1_rule | ECPA-1 ECSD-2 | Medium |
| Description |
|---|
| Limiting the root account direct logins to only system consoles protects the root account from direct unauthorized access from a non-console device. |
| STIG | Date |
|---|---|
| SOLARIS 9 X86 SECURITY TECHNICAL IMPLEMENTATION GUIDE | 2015-10-01 |
Details
| Check Text ( C-28066r1_chk ) |
|---|
| Check the CONSOLE setting in /etc/default/login # grep CONSOLE /etc/default/login If CONSOLE is set to a value other than /dev/console, this is a finding. |
| Fix Text (F-24417r1_fix) |
|---|
| Edit the /etc/default/login file and uncomment the line containing /dev/console if it is commented out. |