UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The root account must be the only account with GID of 0.


Overview

Finding ID Version Rule ID IA Controls Severity
V-216438 SOL-11.1-070220 SV-216438r603267_rule Medium
Description
All accounts with a GID of 0 have root group privileges and must be limited to the group account only.
STIG Date
Solaris 11 SPARC Security Technical Implementation Guide 2021-11-23

Details

Check Text ( C-17674r371402_chk )
Identify any users with GID of 0.

# awk -F: '$4 == 0' /etc/passwd
# awk -F: '$3 == 0' /etc/group
Confirm the only account with a group id of 0 is root.

If the root account is not the only account with GID of 0, this is a finding.
Fix Text (F-17672r371403_fix)
The root role is required.

Change the default GID of non-root accounts to a valid GID other than 0.