Check: RHEL-09-411045
RHEL 9 STIG:
RHEL-09-411045
(in versions v2 r3 through v1 r1)
Title
All RHEL 9 interactive users must have a primary group that exists. (Cat II impact)
Discussion
If a user is assigned the Group Identifier (GID) of a group that does not exist on the system, and a group with the GID is subsequently created, the user may have unintended rights to any files associated with the group.
Check Content
Verify that all RHEL 9 interactive users have a valid GID. Check that the interactive users have a valid GID with the following command: $ sudo pwck -qr If the system has any interactive users with duplicate GIDs, this is a finding.
Fix Text
Configure the system so that all GIDs are referenced in "/etc/passwd" are defined in "/etc/group". Edit the file "/etc/passwd" and ensure that every user's GID is a valid GID.
Additional Identifiers
Rule ID: SV-258048r958482_rule
Vulnerability ID: V-258048
Group Title: SRG-OS-000104-GPOS-00051
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-000764 |
Uniquely identify and authenticate organizational users and associate that unique identification with processes acting on behalf of those users. |
Controls
| Number | Title |
|---|---|
| IA-2 |
Identification and Authentication (organizational Users) |