UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The Oracle Linux operating system must be configured so that all Group Identifiers (GIDs) referenced in the /etc/passwd file are defined in the /etc/group file.


Overview

Finding ID Version Rule ID IA Controls Severity
V-221722 OL07-00-020300 SV-221722r603260_rule Low
Description
If a user is assigned the GID of a group not existing on the system, and a group with the GID is subsequently created, the user may have unintended rights to any files associated with the group.
STIG Date
Oracle Linux 7 Security Technical Implementation Guide 2023-12-01

Details

Check Text ( C-23437r419238_chk )
Verify all GIDs referenced in the "/etc/passwd" file are defined in the "/etc/group" file.

Check that all referenced GIDs exist with the following command:

# pwck -r

If GIDs referenced in then "/etc/passwd" file are returned as not defined in the "/etc/group" file, this is a finding.
Fix Text (F-23426r419239_fix)
Configure the system to define all GIDs found in the "/etc/passwd" file by modifying the "/etc/group" file to add any non-existent group referenced in the "/etc/passwd" file, or change the GIDs referenced in the "/etc/passwd" file to a group that exists in "/etc/group".