The root account must be the only account with GID of 0.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-226422 | GEN000000-SOL00440 | SV-226422r603265_rule | High |
| Description |
|---|
| Accounts with a GID of 0 have root group privileges. |
| STIG | Date |
|---|---|
| Solaris 10 SPARC Security Technical Implementation Guide | 2020-12-04 |
Details
| Check Text ( C-28583r482627_chk ) |
|---|
| Check passwd and group files for non-root user ids and group ids with a GID of 0. # more /etc/passwd # more /etc/group OR # awk -F: '$4 == 0' /etc/passwd # awk -F: '$3 == 0' /etc/group Confirm the only account with a group id of 0 is root. If the root account is not the only account with GID of 0, this is a finding. |
| Fix Text (F-28571r482628_fix) |
|---|
| Change the default GID of non-root accounts to a valid GID other than 0. |