STIGQter: STIG Summary: Oracle Linux 5 Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 26 Oct 2018: The /etc/securetty file must have mode 0600 or less permissive.

DISA Rule

SV-63071r1_rule

Vulnerability Number

V-12040

Group Title

GEN000000-LNX00660

Rule Version

GEN000000-LNX00660

Severity

CAT II

CCI(s)

• CCI-000225 - The organization employs the concept of least privilege, allowing only authorized accesses for users (and processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions.
• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Change the mode of the /etc/securetty file to 0600.

Procedure:
# chmod 0600 /etc/securetty

Check Contents

Check /etc/securetty permissions.

Procedure:
# ls -lL /etc/securetty

If /etc/securetty has a mode more permissive than 0600, this is a finding.

Vulnerability Number

V-12040

Documentable

False

Rule Version

GEN000000-LNX00660

Severity Override Guidance

Check /etc/securetty permissions.

Procedure:
# ls -lL /etc/securetty

If /etc/securetty has a mode more permissive than 0600, this is a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

2207

Comments