Description

There are a number of methods to access the root account directly. Without a password set any user would be able to gain access and thus control over the entire system.

Rationale

Access to root should be secured at all times.

Warning

This rule doesn’t come with a remediation, as the exact requirement allows root to either have a password or be locked.