UCF STIG Viewer Logo

All GIDs referenced in the /etc/passwd file must be defined in the /etc/group file.


Overview

Finding ID Version Rule ID IA Controls Severity
V-781 GEN000380 SV-38455r1_rule ECSC-1 Low
Description
If a user is assigned the GID of a group not existing on the system, and a group with that GID is subsequently created, the user may have unintended rights to the group.
STIG Date
HP-UX 11.23 Security Technical Implementation Guide 2015-12-02

Details

Check Text ( C-36254r1_chk )
Determine if any GIDs referenced in /etc/passwd are not defined in /etc/group.

Procedure:
# cat /etc/passwd | cut -f 4,4 -d ":" | sort | uniq

With the above GIDs, manually execute the following command for every GID from above. Note that this command is expected to return line entry information from /etc/group.

# grep -n /etc/group

If any GIDs referenced in /etc/passwd and not defined in /etc/group are returned, this is a finding.
Fix Text (F-31511r2_fix)
Add a group to the system (edit /etc/group) for each GID referenced without a corresponding group.