%root001w
The indicated file allows remote (i.e., other than system console).
root logins for telnet and other services.  For /etc/default/login,
be sure that the line "CONSOLE=/dev/console" exists.  For /etc/securetty,
be sure that there are no ttyp entries.
%root002w
The indicated /etc/ftpusers file allows remote root ftp logins.  The entry
"root" should be added to this file.
%root003w
The root user should not have the message capability turned on.  This
could lead to inadvertant modification of files with the root user is
logged in.
