STIGQter: STIG Summary: Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The Ubuntu operating system must uniquely identify interactive users.

DISA Rule

SV-219325r610963_rule

Vulnerability Number

V-219325

Group Title

SRG-OS-000104-GPOS-00051

Rule Version

UBTU-18-010444

Severity

CAT II

CCI(s)

• CCI-000764 - The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).
• CCI-000804 - The information system uniquely identifies and authenticates non-organizational users (or processes acting on behalf of non-organizational users).

Weight

10

Fix Recommendation

Edit the file "/etc/passwd" and provide each interactive user account that has a duplicate User ID (UID) with a unique UID.

Check Contents

Verify that the Ubuntu operating system contains no duplicate User IDs (UIDs) for interactive users.

Check that the Ubuntu operating system contains no duplicate UIDs for interactive users with the following command:

# awk -F ":" 'list[$3]++{print $1, $3}' /etc/passwd

If output is produced, and the accounts listed are interactive user accounts, this is a finding.

Vulnerability Number

V-219325

Documentable

False

Rule Version

UBTU-18-010444

Severity Override Guidance

Verify that the Ubuntu operating system contains no duplicate User IDs (UIDs) for interactive users.

Check that the Ubuntu operating system contains no duplicate UIDs for interactive users with the following command:

# awk -F ":" 'list[$3]++{print $1, $3}' /etc/passwd

If output is produced, and the accounts listed are interactive user accounts, this is a finding.

Check Content Reference

M

Target Key

4055

Comments