Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-780 | GEN000360 | SV-39094r1_rule | ECSC-1 | Medium |
Description |
---|
Reserved GIDs are typically used by system software packages. If non-system groups have GIDs in this range, they may conflict with system software, possibly leading to the group having permissions to modify system files. |
STIG | Date |
---|---|
AIX 5.3 Security Technical Implementation Guide | 2012-05-25 |
Check Text ( C-280r2_chk ) |
---|
# more /etc/passwd Confirm all accounts with a GID of 99 and below (499 and below for Linux) are used by a system account. If a GID reserved for system accounts, 0 - 99 (0 - 499 for Linux), is used by a non-system account, this is a finding. |
Fix Text (F-33336r1_fix) |
---|
Change the primary group GID numbers for non-system accounts with reserved primary group GIDs (those less or equal to 99 in general, or 499 for Linux). # smitty chuser |