STIGQter STIGQter: STIG Summary: SUSE Linux Enterprise Server 15 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021:

The SUSE operating system root account must be the only account with unrestricted access to the system.

DISA Rule

SV-234876r622137_rule

Vulnerability Number

V-234876

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

SLES-15-020100

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Change the UID of any account on the SUSE operating system, other than the root account, that has a UID of "0".

If the account is associated with system commands or applications, the UID should be changed to one greater than "0" but less than "1000". Otherwise, assign a UID of greater than "1000" that has not already been assigned.

Check Contents

Verify that the SUSE operating system root account is the only account with unrestricted access to the system.

Check the system for duplicate UID "0" assignments with the following command:

> awk -F: '$3 == 0 {print $1}' /etc/passwd

root

If any accounts other than root have a UID of "0", this is a finding.

Vulnerability Number

V-234876

Documentable

False

Rule Version

SLES-15-020100

Severity Override Guidance

Verify that the SUSE operating system root account is the only account with unrestricted access to the system.

Check the system for duplicate UID "0" assignments with the following command:

> awk -F: '$3 == 0 {print $1}' /etc/passwd

root

If any accounts other than root have a UID of "0", this is a finding.

Check Content Reference

M

Target Key

5274

Comments