Check: GEN000320
Solaris 10 X86 STIG:
GEN000320
(in versions v2 r4 through v1 r17)
Title
All accounts must be assigned unique User Identification Numbers (UIDs). (Cat II impact)
Discussion
Accounts sharing a UID have full access to each others' files. This has the same effect as sharing a login. There is no way to assure identification, authentication, and accountability because the system sees them as the same user. If the duplicate UID is 0, this gives potential intruders another privileged account to attack.
Check Content
Perform the following to ensure there are no duplicate UIDs. # logins -d If any duplicate UIDs are found, this is a finding.
Fix Text
Edit user accounts to provide unique UIDs for each account.
Additional Identifiers
Rule ID: SV-227570r603266_rule
Vulnerability ID: V-227570
Group Title: SRG-OS-000104
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000764 |
The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users). |
Controls
Number | Title |
---|---|
IA-2 |
Identification And Authentication (Organizational Users) |