Check: PHTN-67-000034
VMware vSphere 6.7 Photon OS STIG:
PHTN-67-000034
(in versions v1 r6 through v1 r1)
Title
The Photon operating system must not have Duplicate User IDs (UIDs). (Cat II impact)
Discussion
To ensure accountability and prevent unauthenticated access, organizational users must be uniquely identified and authenticated to prevent potential misuse and provide for non-repudiation.
Check Content
At the command line, execute the following command: # awk -F ":" 'list[$3]++{print $1, $3}' /etc/passwd If any lines are returned, this is a finding.
Fix Text
Open /etc/passwd with a text editor. Configure each user account that has a duplicate UID with a unique UID.
Additional Identifiers
Rule ID: SV-239106r675126_rule
Vulnerability ID: V-239106
Group Title: SRG-OS-000104-GPOS-00051
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000764 |
The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users). |
Controls
Number | Title |
---|---|
IA-2 |
Identification And Authentication (Organizational Users) |