4.5.2.4 Ensure root password is set

Information

There are a number of methods to access the root account directly. Without a password set any user would be able to gain access and thus control over the entire system.

Access to root should be secured at all times.

Solution

Set the root password with:

# passwd root

Impact:

If there are any automated processes that relies on access to the root account without authentication, they will fail after remediation.

See Also

https://workbench.cisecurity.org/benchmarks/15289

Item Details

Category: ACCESS CONTROL, MEDIA PROTECTION

References: 800-53|AC-3, 800-53|AC-5, 800-53|AC-6, 800-53|MP-2, CSCv7|14.6

Plugin: Unix

Control ID: 04149a7cdd0ad878671a1ddc6e2d4553cb8da81bd215ad5037cd33185ac0e512