Navigate

Check: RHEL-06-000070

Red Hat Enterprise Linux 6 STIG: RHEL-06-000070 (in versions v2 r2 through v1 r14)

Title

The system must not permit interactive boot. (Cat II impact)

Discussion

Using interactive boot, the console user could disable auditing, firewalls, or other services, weakening system security.

Check Content

To check whether interactive boot is disabled, run the following command: $ grep PROMPT /etc/sysconfig/init If interactive boot is disabled, the output will show: PROMPT=no If it does not, this is a finding.

Fix Text

To disable the ability for users to perform interactive startups, edit the file "/etc/sysconfig/init". Add or correct the line: PROMPT=no The "PROMPT" option allows the console user to perform an interactive system startup, in which it is possible to select the set of services which are started on boot.

Additional Identifiers

Rule ID: SV-217906r603264_rule

Vulnerability ID: V-217906

Group Title: SRG-OS-000080

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000213	Enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
AC-3	Access Enforcement