Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
All accounts must be assigned unique User Identification Numbers (UIDs).
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-762 | GEN000320 | SV-762r2_rule | IAIA-1 IAIA-2 | Medium |
| Description |
|---|
| Accounts sharing a UID have full access to each others' files. This has the same effect as sharing a login. There is no way to assure identification, authentication, and accountability because the system sees them as the same user. If the duplicate UID is 0, this gives potential intruders another privileged account to attack. |
| STIG | Date |
|---|---|
| UNIX SRG | 2013-03-26 |
Details
| Check Text ( C-27981r1_chk ) |
|---|
| List any duplicate UIDs in /etc/passwd: # cut -d':' -f3 /etc/passwd | uniq -d This will show one copy of each duplicate UID. |
| Fix Text (F-24344r1_fix) |
|---|
| Edit user accounts to provide unique UIDs for each account. |