Check: GEN000880
Solaris 10 X86 STIG: GEN000880 (in versions v2 r4 through v1 r17)
Title
The root account must be the only account having an UID of 0. (Cat II impact)
Discussion
If an account has an UID of 0, it has root authority. Multiple accounts with an UID of 0 afford more opportunity for potential intruders to guess a password for a privileged account.
Check Content
Check the system for duplicate UID 0 assignments by listing all accounts assigned UID 0.

Procedure:
# awk -F: '$3 == 0' /etc/passwd

If any accounts other than root are assigned UID 0, this is a finding.
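The check above as a script with an exit status, suitable for a scheduled audit. This is an added example, not part of the STIG; the function names and the sample accounts are constructed for illustration.

```shell
#!/bin/sh
# Added example: GEN000880 as a pass/fail check. Function names are assumptions.
# Written for a Bourne-compatible /bin/sh: backticks, no awk -v.

# Print the login name of every UID 0 account other than root.
uid0_non_root() {
    awk -F: '$3 == 0 && $1 != "root" { print $1 }' "$1"
}

# Exit status: 0 = not a finding, 1 = finding, 2 = file could not be read.
check_gen000880() {
    file=${1:-/etc/passwd}
    [ -r "$file" ] || { echo "GEN000880: cannot read $file" >&2; return 2; }
    extra=`uid0_non_root "$file"`
    if [ -n "$extra" ]; then
        echo "GEN000880: FINDING, accounts other than root with UID 0:"
        echo "$extra" | sed 's/^/  /'
        return 1
    fi
    echo "GEN000880: not a finding"
    return 0
}

# Write a constructed passwd-format sample (not real accounts) to the given path.
write_sample() {
    cat > "$1" <<'EOF'
root:x:0:0:Super-User:/:/sbin/sh
daemon:x:1:1::/:
svcadmin:x:0:1:constructed duplicate UID 0:/export/home/svcadmin:/bin/sh
webuser:x:100:10::/export/home/webuser:/bin/sh
EOF
}

# Demonstration on the constructed sample; reports svcadmin as a finding.
sample=${TMPDIR:-/tmp}/passwd.sample.$$
write_sample "$sample"
check_gen000880 "$sample" || echo "exit status: $?"
rm -f "$sample"
```

Call `check_gen000880` with no argument to run it against /etc/passwd.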
Fix Text
Remove or change the UID of accounts other than root that have UID 0.
Additional Identifiers
Rule ID: SV-220078r603266_rule
Vulnerability ID: V-220078
Group Title: SRG-OS-000480
CCIs
CCIs tied to check.
Number | Definition |
---|---|
CCI-000366 | Implement the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
Number | Title |
---|---|
CM-6 | Configuration Settings |