UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

All accounts must be assigned unique User Identification Numbers (UIDs).


Overview

Finding ID Version Rule ID IA Controls Severity
V-762 GEN000320 SV-27068r1_rule IAIA-1 IAIA-2 Medium
Description
Accounts sharing a UID have full access to each others' files. This has the same effect as sharing a login. There is no way to assure identification, authentication, and accountability because the system sees them as the same user. If the duplicate UID is 0, this gives potential intruders another privileged account to attack.
STIG Date
Red Hat Enterprise Linux 5 Security Technical Implementation Guide 2016-12-16

Details

Check Text ( C-36104r2_chk )
Perform the following to ensure there are no duplicate UIDs:

# cut -d: -f3 /etc/passwd | uniq -d

If any duplicate UIDs are found, this is a finding.
Fix Text (F-31350r1_fix)
Edit user accounts to provide unique UIDs for each account.