Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The root account must be the only account having unrestricted access to the system.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-214999 | UBTU-16-010670 | SV-214999r508033_rule | High |
| Description |
|---|
| If an account other than root also has a User Identifier (UID) of "0", it has root authority, giving that account unrestricted access to the entire Ubuntu operating system. Multiple accounts with a UID of "0" afford an opportunity for potential intruders to guess a password for a privileged account. |
| STIG | Date |
|---|---|
| Canonical Ubuntu 16.04 LTS Security Technical Implementation Guide | 2020-09-03 |
Details
| Check Text ( C-16198r284865_chk ) |
|---|
| Check the Ubuntu operating system for duplicate User ID (UID) "0" assignments with the following command: # awk -F: '$3 == 0 {print $1}' /etc/passwd root If any accounts other than root have a UID of "0", this is a finding. |
| Fix Text (F-16196r284866_fix) |
|---|
| Change the User ID (UID) of any account on the system, other than root, that has a UID of "0". If the account is associated with system commands or applications, the UID should be changed to one greater than "0" but less than "1000". Otherwise, assign a UID of greater than "1000" that has not already been assigned. |