Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
UIDs reserved for system accounts must not be assigned to non-system accounts.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-11946 | GEN000340 | SV-38669r1_rule | ECSC-1 | Medium |
| Description |
|---|
| Reserved UIDs are typically used by system software packages. If non-system accounts have UIDs in this range, they may conflict with system software, possibly leading to the user having permissions to modify system files. |
| STIG | Date |
|---|---|
| AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE | 2017-12-08 |
Details
| Check Text ( C-36661r1_chk ) |
|---|
| Check the UID assignments of all accounts. # more /etc/passwd Confirm all accounts with a UID of 128 and below are used by a system account. If a UID reserved for system accounts (0-128) is used by a non-system account, this is a finding. |
| Fix Text (F-31625r1_fix) |
|---|
| Using the usermod command, change the UID numbers for non-system accounts with reserved UIDs (those less or equal to 128). # usermod -u Alternatively, smit can be used for this same purpose. #smitty users |