Logins to the root account must be restricted to the system console only.

An XCCDF Rule

Details
Profiles

Description

Use an authorized mechanism such as RBAC and the "su" command to provide administrative access to unprivileged accounts. These mechanisms provide an audit trail in the event of problems.

ID: SV-216124r959010_rule
Version: SOL-11.1-040430
Severity: Medium
References: CCI-000366
Updated: about 2 months ago

Remediation Templates

The root role is required.

Modify the /etc/default/login file

# pfedit /etc/default/login
Locate the line containing:

CONSOLE

Change it to read:

CONSOLE=/dev/console

Logins to the root account must be restricted to the system console only.

Description

Remediation Templates

A Manual Procedure