UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The root account must be the only account having unrestricted access to the OL 8 system.


Overview

Finding ID Version Rule ID IA Controls Severity
V-248874 OL08-00-040200 SV-248874r780188_rule High
Description
If an account other than root also has a User Identifier (UID) of "0", it has root authority, giving that account unrestricted access to the entire operating system. Multiple accounts with a UID of "0" afford an opportunity for potential intruders to guess a password for a privileged account.
STIG Date
Oracle Linux 8 Security Technical Implementation Guide 2023-06-02

Details

Check Text ( C-52308r780186_chk )
Check the system for duplicate UID "0" assignments with the following command:

$ sudo awk -F: '$3 == 0 {print $1}' /etc/passwd

If any accounts other than root have a UID of "0", this is a finding.
Fix Text (F-52262r780187_fix)
Change the UID of any account on the system, other than root, that has a UID of "0".

If the account is associated with system commands or applications, change the UID to one greater than "0" but less than "1000". Otherwise, assign a UID of greater than "1000" that has not already been assigned.