Check: GEN000020
AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE:
GEN000020
(in versions v1 r14 through v1 r10)
Title
The system must require authentication upon booting into single-user and maintenance modes. (Cat II impact)
Discussion
If the system does not require a valid root password before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system.
Check Content
Ensure the root account for any bootable partitions has a password assigned in the /etc/security/passwd file.
Fix Text
Assign a root account password for any bootable partition.
Additional Identifiers
Rule ID: SV-27039r1_rule
Vulnerability ID: V-756
Group Title: GEN000020
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
Number | Definition |
---|---|
CCI-000213 |
The information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
Number | Title |
---|---|
AC-3 |
Access Enforcement |