STIGQter: STIG Summary: Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 Mar 2021:

The Ubuntu operating system must uniquely identify interactive users.

DISA Rule

SV-238205r653790_rule

Vulnerability Number

V-238205

Group Title

SRG-OS-000104-GPOS-00051

Rule Version

UBTU-20-010010

Severity

CAT II

CCI(s)

• CCI-000764 - The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).
• CCI-000804 - The information system uniquely identifies and authenticates non-organizational users (or processes acting on behalf of non-organizational users).

Weight

10

Fix Recommendation

Edit the file "/etc/passwd" and provide each interactive user account that has a duplicate UID with a unique UID.

Check Contents

Verify the Ubuntu operating system contains no duplicate User IDs (UIDs) for interactive users with the following command:

$ awk -F ":" 'list[$3]++{print $1, $3}' /etc/passwd

If output is produced and the accounts listed are interactive user accounts, this is a finding.

Vulnerability Number

V-238205

Documentable

False

Rule Version

UBTU-20-010010

Severity Override Guidance

Verify the Ubuntu operating system contains no duplicate User IDs (UIDs) for interactive users with the following command:

$ awk -F ":" 'list[$3]++{print $1, $3}' /etc/passwd

If output is produced and the accounts listed are interactive user accounts, this is a finding.

Check Content Reference

M

Target Key

5318

Comments