STIGQter: STIG Summary: Oracle Linux 6 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The root account must be the only account having a UID of 0.

DISA Rule

SV-208809r603263_rule

Vulnerability Number

V-208809

Group Title

SRG-OS-000480

Rule Version

OL6-00-000032

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

If any account other than root has a UID of 0, this misconfiguration should be investigated and the accounts other than root should be removed or have their UID changed.

Check Contents

To list all password file entries for accounts with UID 0, run the following command:

# awk -F: '($3 == 0) {print}' /etc/passwd

This should print only one line, for the user root.
If any account other than root has a UID of 0, this is a finding.

Vulnerability Number

V-208809

Documentable

False

Rule Version

OL6-00-000032

Severity Override Guidance

To list all password file entries for accounts with UID 0, run the following command:

# awk -F: '($3 == 0) {print}' /etc/passwd

This should print only one line, for the user root.
If any account other than root has a UID of 0, this is a finding.

Check Content Reference

M

Target Key

2928

Comments