GEN000000-LNX00660 - The /etc/securetty file must have mode 0640 or less permissive.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The securetty file contains the list of terminals permitting direct root logins. It must be protected from unauthorized modification.

Solution

Change the mode of the /etc/securetty file to 0600.

Procedure:
# chmod 0600 /etc/securetty

See Also

http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R17_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, CAT|II, CCI|CCI-000225, CCI|CCI-000366, CSCv6|3.1, Group-ID|V-12040, Rule-ID|SV-37342r3_rule, STIG-ID|GEN000000-LNX00660

Plugin: Unix

Control ID: 5d9df4f2a13fba2a9af34c2e6bae1b8b9e478759d22f737476fa5f2874965ad5