Check: GEN000000-LNX00180
VMware ESX 3 Server:
GEN000000-LNX00180
(in version v1 r2)
Title
If LILO is the authorized boot loader for the system, a global password must be defined in /etc/lilo.conf. (Cat I impact)
Discussion
If LILO has been approved for use, it must be password protected to prevent malicious booting into single user mode and to prevent booting of an insecure operating system.
Check Content
Check for the password to precede the first image stanza in /etc/lilo.conf: # more /etc/lilo.conf password=”” image=/boot/vmlinuz-2.4.20-6smp If a password is not found, then this is a finding.
Fix Text
Password protect LILO by including the password=password line to the global section of /etc/lilo.conf.
Additional Identifiers
Rule ID: SV-4252r2_rule
Vulnerability ID: V-4252
Group Title: GEN000000-LNX00180
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |