Bug 972475
Summary: | The system must prevent the root account from logging in from virtual consoles. | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Jason Pyeron <jpyeron> | ||||||
Component: | setup | Assignee: | Ondrej Vasik <ovasik> | ||||||
Status: | CLOSED WONTFIX | QA Contact: | qe-baseos-daemons | ||||||
Severity: | high | Docs Contact: | |||||||
Priority: | unspecified | ||||||||
Version: | 6.6 | CC: | jason.j.pyeron.ctr, jrieden | ||||||
Target Milestone: | rc | ||||||||
Target Release: | --- | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2013-08-19 14:33:24 UTC | Type: | Bug | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Attachments: |
|
Description
Jason Pyeron
2013-06-09 16:37:28 UTC
Created attachment 758865 [details]
specfile patch
Thanks for suggestion, in such cases it is not necessary to attach patches. I'll check if there is still some reason for having vc virtual consoles in securetty file, in http://nvd.nist.gov/scap/content/stylesheet/scap-rhel5-document.htm is mentioned that they may be required for backward compatibility. Discussed with few guys from security technologies team and closing WONTFIX for RHEL-6. For RHEL-6, we need to keep them - otherwise it may break some setups. STIG is just recommendation for system modifications for higher system security, not something we want to always ship by default. |