Check: RHEL-09-411045
RHEL 9 STIG:
RHEL-09-411045
(in versions v1 r3 through v1 r1)
Title
All RHEL 9 interactive users must have a primary group that exists. (Cat II impact)
Discussion
If a user is assigned the Group Identifier (GID) of a group that does not exist on the system, and a group with the GID is subsequently created, the user may have unintended rights to any files associated with the group.
Check Content
Verify that all RHEL 9 interactive users have a valid GID. Check that the interactive users have a valid GID with the following command: $ sudo pwck -qr If the system has any interactive users with duplicate GIDs, this is a finding.
Fix Text
Configure the system so that all GIDs are referenced in "/etc/passwd" are defined in "/etc/group". Edit the file "/etc/passwd" and ensure that every user's GID is a valid GID.
Additional Identifiers
Rule ID: SV-258048r926131_rule
Vulnerability ID: V-258048
Group Title: SRG-OS-000104-GPOS-00051
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-000764 |
The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users). |
Controls
| Number | Title |
|---|---|
| IA-2 |
Identification And Authentication (Organizational Users) |