Check: OL6-00-000070
Oracle Linux 6 STIG:
OL6-00-000070
(in versions v2 r7 through v1 r9)
Title
The system must not permit interactive boot. (Cat II impact)
Discussion
Using interactive boot, the console user could disable auditing, firewalls, or other services, weakening system security.
Check Content
To check whether interactive boot is disabled, run the following command: $ grep PROMPT /etc/sysconfig/init If interactive boot is disabled, the output will show: PROMPT=no If it does not, this is a finding.
Fix Text
To disable the ability for users to perform interactive startups, edit the file "/etc/sysconfig/init". Add or correct the line: PROMPT=no The "PROMPT" option allows the console user to perform an interactive system startup, in which it is possible to select the set of services which are started on boot.
Additional Identifiers
Rule ID: SV-208845r793630_rule
Vulnerability ID: V-208845
Group Title: SRG-OS-000080
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000213 |
The information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies. |
Controls
Number | Title |
---|---|
AC-3 |
Access Enforcement |