GEN000000-LNX00660 - The /etc/securetty file must have mode 0640 or less permissive.

Information

The securetty file contains the list of terminals permitting direct root logins. It must be protected from unauthorized modification.

Solution

Change the mode of the /etc/securetty file to 0600.

Procedure:
# chmod 0600 /etc/securetty

See Also

http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip

Item Details

Category: ACCESS CONTROL, CONFIGURATION MANAGEMENT

References: 800-53|AC-6, 800-53|CM-6b., CAT|II, CCI|CCI-000225, CCI|CCI-000366, Group-ID|V-12040, Rule-ID|SV-37342r3_rule, STIG-ID|GEN000000-LNX00660, Vuln-ID|V-12040

Plugin: Unix

Control ID: 6ccd19a04aa0c5ff5d4aa062863e3a6f25a568785202972c8e5a6aa1b2dd49f8