Navigate

Check: SOL-11.1-070150

Solaris 11 x86 STIG: SOL-11.1-070150 (in versions v2 r10 through v2 r2)

Title

Duplicate group names must not exist. (Cat II impact)

Discussion

If a group is assigned a duplicate group name, it will create and have access to files with the first GID for that group in group. Effectively, the GID is shared, which is a security risk.

Check Content

The root role is required. Check for duplicate group names. # getent group | cut -f1 -d":" | sort -n | uniq -d If output is produced, this is a finding.

Fix Text

The root role is required. Correct or justify any items discovered in the Check step. Determine if there are any duplicate group names, and work with their respective owners to determine the best course of action in accordance with site policy. Delete or change the group name of duplicate groups.

Additional Identifiers

Rule ID: SV-216194r603881_rule

Vulnerability ID: V-216194

Group Title: SRG-OS-000480

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000366	The organization implements the security configuration settings.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-6	Configuration Settings