Profile Applicability:
Level 1 - Server
Level 1 - Workstation
Description:
Single user mode is used for recovery when the system detects an issue during boot or
by manual selection from the bootloader.
Rationale:
Requiring authentication in single user mode prevents an unauthorized user from
rebooting the system into single user to gain root privileges without credentials.
Audit:
Perform the following to determine if a password is set for the root user:
# grep -Eq '^root:\$[0-9]' /etc/shadow || echo "root is locked"
No results should be returned.
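An added example, not part of the benchmark text: a shell function that classifies the password field of the root entry in a shadow-format file. It goes beyond the one-line check above by separating a locked field from an empty one and by accepting any `$id$` hash prefix, including `$y$` (yescrypt), which the `[0-9]` pattern does not match. The function name `root_pw_state` and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify root's password field in a shadow-format file.
# Prints: set | locked | empty | unrecognised | missing. Returns 0 only for "set".
root_pw_state() {
    shadow_file="${1:-/etc/shadow}"
    # Field 2 of the root entry is the password field (see shadow(5)).
    field=$(awk -F: '$1 == "root" { print $2; found = 1; exit }
                     END { if (!found) print "__missing__" }' "$shadow_file")
    case "$field" in
        __missing__) echo "missing";      return 2 ;;
        "")          echo "empty";        return 1 ;;  # no password required
        '!'*|'*'*)   echo "locked";       return 1 ;;  # not a valid crypt(3) result
        '$'?*'$'?*)  echo "set";          return 0 ;;  # $id$... for any id, incl. $y$
        *)           echo "unrecognised"; return 1 ;;
    esac
}

# Constructed sample entries (hash strings are placeholders, not real hashes).
demo_dir=$(mktemp -d)
printf 'root:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19000:0:99999:7:::\n' > "$demo_dir/sha512"
printf 'root:$y$j9T$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19000:0:99999:7:::\n' > "$demo_dir/yescrypt"
printf 'root:!:19000:0:99999:7:::\n' > "$demo_dir/locked"
printf 'root::19000:0:99999:7:::\n' > "$demo_dir/empty"
for f in sha512 yescrypt locked empty; do
    printf '%s: %s\n' "$f" "$(root_pw_state "$demo_dir/$f")"
done
rm -rf "$demo_dir"
```

Run as root against the live file with `root_pw_state /etc/shadow`; only the state `set` satisfies this recommendation.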