Check: GEN000380
HP-UX 11.23 STIG:
GEN000380
(in version v1 r8)
Title
All GIDs referenced in the /etc/passwd file must be defined in the /etc/group file. (Cat III impact)
Discussion
If a user is assigned the GID of a group not existing on the system, and a group with that GID is subsequently created, the user may have unintended rights to the group.
Check Content
Determine if any GIDs referenced in /etc/passwd are not defined in /etc/group. Procedure: # cat /etc/passwd | cut -f 4,4 -d ":" | sort | uniq With the above GIDs, manually execute the following command for every GID from above. Note that this command is expected to return line entry information from /etc/group. # grep -n <GID> /etc/group If any GIDs referenced in /etc/passwd and not defined in /etc/group are returned, this is a finding.
Fix Text
Add a group to the system (edit /etc/group) for each GID referenced without a corresponding group.
Additional Identifiers
Rule ID: SV-38455r1_rule
Vulnerability ID: V-781
Group Title: GEN000380
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |