Check: GEN000880
SUSE Linux Enterprise Server v11 for System z STIG: GEN000880 (in versions v1 r12 through v1 r9)
Title
The root account must be the only account having a UID of 0. (Cat II impact)
Discussion
If an account has a UID of 0, it has root authority. Multiple accounts with a UID of 0 afford more opportunity for potential intruders to guess a password for a privileged account.
Check Content
Check the system for duplicate UID 0 assignments by listing all accounts assigned UID 0.
Procedure:
# cat /etc/passwd | awk -F":" '{print$1":"$3":"}' | grep ":0:"
If any accounts other than root are assigned UID 0, this is a finding.
Fix Text
Remove or change the UID of accounts other than root that have UID 0.
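An added example (not part of the STIG text): a POSIX shell form of the check above that returns a pass/fail status and compares the UID field numerically instead of by string match. The function names and the sample passwd data are constructed for illustration; treating a zero-padded UID such as 00 as UID 0 is an assumption about how the system parses the field.

```shell
#!/bin/sh
# Added example: audit a passwd-format file for GEN000880.
# Function names are hypothetical; they are not part of the STIG.

# Print every account other than "root" whose UID field is numerically 0.
# $1: path to a passwd-format file (defaults to /etc/passwd).
uid0_non_root() {
    awk -F: '
        /^[ \t]*(#|$)/ { next }                    # skip comments and blank lines
        $3 ~ /^0+$/ && $1 != "root" { print $1 }   # assumption: "00" also means UID 0
    ' "${1:-/etc/passwd}"
}

# Return 0 when root is the only UID 0 account, 1 on a finding,
# 2 when the file could not be read.
check_gen000880() {
    offenders=$(uid0_non_root "$1") || return 2
    if [ -n "$offenders" ]; then
        printf 'FINDING GEN000880: UID 0 also assigned to: %s\n' \
            "$(printf '%s' "$offenders" | tr '\n' ' ')"
        return 1
    fi
    printf 'PASS GEN000880: root is the only UID 0 account\n'
    return 0
}

# Constructed sample data (not from a real host): one duplicate UID 0,
# one UID that merely ends in 0, and one zero-padded UID.
make_sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:Daemon:/sbin:/bin/bash
toor:x:0:0:second root:/root:/bin/bash
svc10:x:10:100:uid ends in 0:/home/svc10:/bin/false
padded:x:00:100:zero-padded uid:/home/padded:/bin/bash
EOF
}
```

Run `check_gen000880 /etc/passwd` on the host; the exit status can feed a compliance job directly.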
Additional Identifiers
Rule ID: SV-44900r1_rule
Vulnerability ID: V-773
Group Title: GEN000880
CCIs
CCIs tied to check.
Number | Definition |
---|---|
CCI-000366 | Implement the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
Number | Title |
---|---|
CM-6 | Configuration Settings |