Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-761 | GEN000300 | SV-27063r1_rule | IAIA-1 IAIA-2 | Medium |
Description |
---|
A unique user name is the first part of the identification and authentication process. If user names are not unique, there can be no accountability on the system for auditing purposes. Multiple accounts sharing the same name could result in the denial of service to one or both of the accounts or unauthorized access to files or privileges. |
STIG | Date |
---|---|
Red Hat Enterprise Linux 5 Security Technical Implementation Guide | 2015-03-12 |
Check Text ( C-36103r1_chk ) |
---|
Check the system for duplicate account names. Example: # pwck -r If any duplicate account names are found, this is a finding. |
Fix Text (F-31349r1_fix) |
---|
Change user account names, or delete accounts, so each account has a unique name. |