Check: GEN000880
Title
The root account must be the only account having an UID of 0. (Cat II impact)
Discussion
If an account has an UID of 0, it has root authority. Multiple accounts with an UID of 0 afford more opportunity for potential intruders to guess a password for a privileged account.
Check Content
Check the system for duplicate UID 0 assignments by listing all accounts assigned UID 0.

Procedure:
# cat /etc/passwd

If any accounts other than root are assigned UID 0, this is a finding.
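The procedure above leaves the reviewer to scan the file by eye. As an added example (not part of the STIG text), this script filters a passwd-format file for non-root accounts whose UID field is 0. The function names and the sample file are constructed for illustration, and treating lines that start with `#` as comments is an assumption.

```shell
#!/bin/sh
# Added example: list accounts other than root that hold UID 0 (GEN000880).
# Function names and the sample data are constructed for illustration.

# Print every non-root account name whose UID field is 0.
# $1 = passwd-format file (defaults to /etc/passwd).
list_extra_uid0() {
    awk -F: '
        /^[ \t]*(#|$)/ { next }   # assumption: "#" lines and blank lines are not accounts
        # Match on the text of field 3 so that "00" is also caught as UID 0.
        $3 ~ /^0+$/ && $1 != "root" { print $1 }
    ' "${1:-/etc/passwd}"
}

# Return 0 when root is the only UID 0 account, 1 when the check is a finding.
check_gen000880() {
    extra=$(list_extra_uid0 "$1")
    if [ -n "$extra" ]; then
        printf 'FINDING: UID 0 also assigned to: %s\n' "$(echo $extra)"
        return 1
    fi
    printf 'PASS: root is the only UID 0 account\n'
    return 0
}

# Constructed sample passwd file for the demonstration.
make_sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/sh
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
toor:x:0:0:alt root:/root:/bin/sh
# comment:x:0:0::/:/bin/sh
backup:x:00:34:backup:/var/backups:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/sh
EOF
}

sample=$(mktemp)
make_sample_passwd > "$sample"
check_gen000880 "$sample" || true   # reports toor and backup as findings
rm -f "$sample"
```

On a live system, call `check_gen000880` with no argument to read `/etc/passwd`; accounts served from other name services are outside what this file check sees.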
Fix Text
Remove or change the UID of accounts other than root that have UID 0.
Additional Identifiers
Rule ID:
Vulnerability ID: V-773
Group Title:
CCIs
CCIs tied to check.
Number | Definition |
---|---|
CCI-000366 | The organization implements the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
Number | Title |
---|---|
CM-6 | Configuration Settings |