AIX system must require authentication upon booting into single-user and maintenance modes.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-215308 | SRG-OS-000480-GPOS-00227 | AIX7-00-002127 | SV-215308r991589_rule | 2024-08-16 | 3 |
| Description |
|---|
| This prevents attackers with physical access from trivially bypassing security on the machine and gaining root access. Such accesses are further prevented by configuring the bootloader password. |
| ℹ️ Check |
|---|
| Verify that the "root" account has a password assigned: # cut -d: -f1,2 /etc/passwd | grep root root:! If the "root" account is not listed with an "!", this is a finding. |
| ✔️ Fix |
|---|
| Assign the "root" account a password using passwd command while logged on as "root": # passwd |