Check: GEN001080
HP-UX 11.23 STIG:
GEN001080
(in version v1 r8)
Title
The root shell must be located in the / file system. (Cat III impact)
Discussion
To ensure the root shell is available in repair and administrative modes, the root shell must be located in the / file system.
Check Content
Determine if the root shell is located on / (IE: a non-mounted file system). # cat /etc/passwd | grep "^root:" | awk -F ":" '{print $NF}' # grep <shell location from above> /etc/fstab If the root shell is located on a mountable file system listed in /etc/fstab, this is a finding.
Fix Text
Change the root account's shell to one present on the / file system.
Additional Identifiers
Rule ID: SV-38208r1_rule
Vulnerability ID: V-1062
Group Title: GEN001080
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000366 |
The organization implements the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| CM-6 |
Configuration Settings |