root gdm login enabled as default in RHEL 6.2

Latest response

I just did a clean install of RHEL 6.2 workstation and created an empty /etc/securetty.

 
On a whim, I decided to see if root could login via the graphical login (even though I'm used to root gdm login being disabled by default).  I was surprised to see that I could login as root via the graphical login. This seems a security risk to me.
 
I double-checked that /etc/pam.d/gdm had the following:
 
auth       required    pam_succeed_if.so user != root quiet
 
This should disable root gdm login but it doesn't.
 
Not sure if RH meant for root gdm login to be enabled as a default. Documentation isn't clear but it would seem strange to me if this is the desired default. 
 
Any advice on how to disable root gdm login would be appreciated. 
ST
Log in to join the conversation

Responses

Sadique Puthen's picture Red Hat Guru 4679 points
30 December 2011 5:15 AM

If you are doing password authentication, you need to check https://access.redhat.com/kb/docs/DOC-63846